Lucene search
K

22 matches found

EUVD
EUVD
added 2026/06/25 4:34 a.m.6 views

EUVD-2026-39178

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.8 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user to conceal content within a Snippet due to improper input validation...

4.3CVSS5.9AI score0.00223EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.9 views

PT-2026-52201

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 14.8 through 18.11.5 GitLab CE/EE versions 19.0 through 19.0.2 GitLab CE/EE versions 19.1 through 19.1.0 Description An issue exists where improper input validation could allow an authenticated user to conceal content...

4.3CVSS5.8AI score0.00223EPSS
Exploits0References8
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/22 4:50 p.m.11 views

Malicious code in prisma-client-python (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ba0c0f6a1d1bdb5bffb45ca56fb99b8084fba921cc7689b6e8913c0436fe392 The package's CLI flow ppy generate reads dist/index.enc, a 346 KB AES-encrypted blob, decrypts it using a key extracted from dist/key.enc substring...

6AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/22 2:57 a.m.7 views

CVE-2026-9053

Mothra would respect a default value given by a website for HTML file upload forms. An attacker could craft a website with a malicious default file path, and then conceal this form element...

8.2CVSS5.8AI score0.00276EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.9 views

Directus 安全漏洞

Directus is an open-source real-time API and application dashboard developed by Directus. It is used to manage SQL database content. Versions of Directus prior to 11.17.0 contained a security vulnerability. This vulnerability stemmed from the use of aggregate functions on conceal-type fields, whi...

8.1CVSS5.8AI score0.00337EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/07 9:42 a.m.8 views

CVE-1999-0098

Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities...

10CVSS7.4AI score0.03135EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:38 a.m.8 views

CVE-1999-0448

IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request...

5CVSS7AI score0.24185EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-1999-0552

Malware in sbrugna...

5CVSS6.4AI score0.01348EPSS
Exploits0References2
Trend Micro Simply Security
Trend Micro Simply Security
added 2024/10/15 12:0 a.m.13 views

Silent Threat: Red Team Tool EDRSilencer Disrupting Endpoint Security Solutions

Trend Micro's Threat Hunting Team has observed EDRSilencer, a red team tool that threat actors are attempting to abuse for its ability to block EDR traffic and conceal malicious activity...

7.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/22 12:0 a.m.8 views

PT-2024-30655 · Gitoxide · Gitoxide

Name of the Vulnerable Software and Affected Versions: gitoxide affected versions not specified Description: The gix and ein commands write pathnames and other metadata literally to terminals, even if they contain characters terminals treat specially, including ANSI escape sequences. This sometim...

2.5CVSS7AI score0.00198EPSS
Exploits0References13
Trend Micro Simply Security
Trend Micro Simply Security
added 2024/05/30 12:0 a.m.38 views

Decoding Water Sigbin's Latest Obfuscation Tricks

Water Sigbin aka the 8220 Gang exploited the Oracle WebLogic vulnerabilities CVE-2017-3506 and CVE-2023-21839 to deploy a cryptocurrency miner using a PowerShell script. The threat actor also adopted new techniques to conceal its activities, making attacks harder to defend against...

7.5CVSS7.2AI score0.99811EPSS
Exploits19
Prion
Prion
added 2023/07/06 8:15 p.m.23 views

Design/Logic Flaw

Mastodon is a free, open-source social network server based on ActivityPub. Starting in version 2.6.0 and prior to versions 3.5.9, 4.0.5, and 4.1.3, an attacker can craft a verified profile link using specific formatting to conceal arbitrary parts of the link, enabling it to appear to link to a...

5.8CVSS5.5AI score0.00622EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/22 12:0 a.m.7 views

The vulnerability of the Protect technology of the Yandex Browser allows a violator to conceal notifications of suspicious content.

The vulnerability of the Protect technology of the Yandex Browser is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to conceal notifications of suspicious content...

7.8CVSS6.6AI score0.01598EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/10/16 4:47 p.m.24 views

CVE-2020-9916

A URL Unicode encoding issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker may be able to conceal the...

5.9AI score0.01361EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2019/03/01 12:0 a.m.4 views

The vulnerability of the scp file copy-to-remote utility’s implementation, related to access control deficiencies, allows a perpetrator to conceal the name of the transferred file.

The vulnerability of the scp file copy utility implementation is related to lack of access control mechanisms. Exploiting this vulnerability allows a malicious actor to conceal the name of the transferred file while operating remotely...

7.1CVSS6.8AI score0.03807EPSS
Exploits0References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2019/03/01 12:0 a.m.3 views

The vulnerability of the scp file copy-to-remote utility’s implementation, related to access control deficiencies, allows a perpetrator to conceal the name of the transferred file.

The vulnerability of the scp file copy utility implementation is related to lack of access control mechanisms. Exploiting this vulnerability allows a malicious actor to conceal the name of the transferred file while operating remotely...

7.1CVSS6.8AI score0.20906EPSS
Exploits8References4Affected Software2
Akamai Blog
Akamai Blog
added 2018/04/09 3:30 p.m.54 views

Universal Plug and Play (UPnP): What you need to know

Universal Plug and Play UPnP is a widely used protocol with a decade-long history of flawed implementations across a wide range of consumer devices. In this paper, we will cover how these aws are still present on devices, how these vulnerabilities are actively being abused, and how a...

1.1AI score
Exploits0
HackRead
HackRead
added 2017/11/22 1:30 p.m.21 views

Uber Paid Hackers $100k to Hide Massive Theft of 75M Accounts

By Waqas It’s surprising to some and shocking to many. Despite a This is a post from HackRead.com Read the original post: Uber Paid Hackers $100k to Hide Massive Theft of 75M Accounts...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2015/02/13 7:13 p.m.13 views

DroidStealth — Android Encryption Tool with Stealth Capabilities

We all have Internet-connected smartphones in our pockets, but it’s very hard to find a place on Internet to feel secure and private. No doubt, there is data Encryption on cell phones, but what’s the use if it is cracked by hackers or law enforcement? What if the encrypted files don’t exist in th...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2014/02/06 11:3 p.m.10 views

Facebook releases 'Conceal' API for Android developers to Encrypt data on Disk

Many Smartphone applications support, installation or app data storage to an external SD Card, that can be helpful in saving space on the internal memory, but also vulnerable to hackers. Typically, an app that has permission to read and write data from an SD card has the permission to read all da...

6.6AI score
Exploits0
Rows per page
Query Builder