30 matches found
EUVD-2025-10310
Malicious code in bioql PyPI...
MAL-2025-11044 Malicious code in @zalastax/nolb-cs2 (npm)
The package @zalastax/nolb-cs2 was found to contain malicious code...
Malicious code in @zalastax/nolb-cs2 (npm)
The package @zalastax/nolb-cs2 was found to contain malicious code...
CVE-2020-9526
CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an information exposure flaw that exposes user session data to supernodes in the network, as demonstrated by passively eavesdropping on user video/audio streams, capturing credentials, and compromising...
CVE-2025-29594
A vulnerability exists in the errorpage.php file of the CS2-WeaponPaints-Website v2.1.7 where user-controlled input is not adequately validated before being processed. Specifically, the $GET'errorcode' parameter can be manipulated to access unauthorized error codes, leading to Cross-Site Scriptin...
CS2 WeaponPaints Website 安全漏洞
CS2 WeaponPaints Website is a server for plugin by LielXD Personal Developer. A security vulnerability exists in CS2 WeaponPaints Website version v2.1.7, which stems from the errorpage.php file not adequately validating user input, which could lead to cross-site scripting attacks and information...
CVE-2025-29594
A vulnerability exists in the errorpage.php file of the CS2-WeaponPaints-Website v2.1.7 where user-controlled input is not adequately validated before being processed. Specifically, the $GET'errorcode' parameter can be manipulated to access unauthorized error codes, leading to Cross-Site Scriptin...
CVE-2025-29594
A vulnerability exists in the errorpage.php file of the CS2-WeaponPaints-Website v2.1.7 where user-controlled input is not adequately validated before being processed. Specifically, the $GET'errorcode' parameter can be manipulated to access unauthorized error codes, leading to Cross-Site Scriptin...
Hackers Hijack YouTube Channels to Target CS2 Fans with Fake Giveaways
Bitdefender warns CS2 fans of scams using hijacked YouTube channels, fake giveaways, and crypto fraud. Protect your Steam account and avoid phishing traps...
cs2.dreamplaygames.co.kr Cross Site Scripting vulnerability OBB-3950085
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Gamers Warned of Potential CS2 Exploit That Can Reveal IP Addresses
By Waqas Gaming influencers are advising CS2 players to refrain from playing the game at the moment. This is a post from HackRead.com Read the original post: Gamers Warned of Potential CS2 Exploit That Can Reveal IP Addresses...
@0x0bit/sails-hook-redis (>=0.1.1 <=0.1.2), @driscode/cs2-lib (>=5.8.1-driscode-5 <=5.9.0-driscode-52) +137 more potentially affected by CVE-2023-38504 via sails (>=0.10.5 <=1.5.17)
sails NPM version =0.10.5, =0.1.1, =5.8.1-driscode-5, =3.0.0, =1.0.0, =0.0.1-prerelease, =1.1.8, =0.0.0, =0.0.0, =1.0.0, =1.3.2 - barmecide =0.0.5 - cacrypt =0.0.1 and more Source cves: CVE-2023-38504 Source advisory: OSV:GHSA-GPW9-FWM8-7RX7...
CVE-2020-9525
CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an authentication flaw that allows remote attackers to perform a man-in-the-middle attack, as demonstrated by eavesdropping on user video/audio streams, capturing credentials, and compromising devices...
CVE-2020-9525
CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an authentication flaw that allows remote attackers to perform a man-in-the-middle attack, as demonstrated by eavesdropping on user video/audio streams, capturing credentials, and compromising devices...
CVE-2020-9526
CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an information exposure flaw that exposes user session data to supernodes in the network, as demonstrated by passively eavesdropping on user video/audio streams, capturing credentials, and compromising...
Authentication flaw
CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an authentication flaw that allows remote attackers to perform a man-in-the-middle attack, as demonstrated by eavesdropping on user video/audio streams, capturing credentials, and compromising devices...
CVE-2020-9526
Technical details about CVE-2020-9526 are not publicly available in the provided documents. Monitor for updates from vendors and vulnerability databases.
CVE-2020-9526
CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an information exposure flaw that exposes user session data to supernodes in the network, as demonstrated by passively eavesdropping on user video/audio streams, capturing credentials, and compromising...
CVE-2020-9525
CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an authentication flaw that allows remote attackers to perform a man-in-the-middle attack, as demonstrated by eavesdropping on user video/audio streams, capturing credentials, and compromising devices...
CVE-2020-9525
CVE-2020-9525 affects CS2 Network P2P up through version 3.x used in IoT devices. The connected documents describe an authentication flaw that enables a man-in-the-middle attack, allowing eavesdropping on video/audio streams, credential capture, and device compromise. The root cause is an authent...