Malicious code in @zalastax/nolb-csb (npm)

The package @zalastax/nolb-csb was found to contain malicious code...

MAL-2025-43176 Malicious code in @zalastax/nolb-csb (npm)

The package @zalastax/nolb-csb was found to contain malicious code...

Ubuntu 18.04 LTS / 20.04 LTS : Firefox regressions (USN-5954-2)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5954-2 advisory. USN-5954-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the...

new packages: hunspell-csb

An update is available for hunspell-csb. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

csb-battery.com.tw Cross Site Scripting vulnerability OBB-2368026

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Hitachi Energy Retail Operations and CSB Software

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: High attack complexity Vendor: Hitachi Energy Equipment: Retail Operations and Counterparty Settlement and Billing CSB Product Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow...

CVE-2021-35528

CVE-2021-35528 — Hitachi Energy Retail Operations/CSB is an improper access control vulnerability (CWE-284) in the application’s authentication/authorization that relies on local session validation, enabling an unauthorized, signed Java Applet JAR to be executed. Affected versions: Hitachi Energy...

Hitachi ABB Power Grids eSOMS 安全漏洞

Hitachi ABB Power Grids eSOMS is an application from Hitachi ABB Power Grids. a shift operations management system for the power generation industry. A security vulnerability exists in Hitachi ABB's Grids Retail Operations and Transaction Settlement Billing CSB 5.7.2 and prior versions, which ste...

csb-battery.com.tw Cross Site Scripting vulnerability

Security Researcher Th3plumb3r Helped patch 52 vulnerabilities Received 3 Coordinated Disclosure badges , a holder of 3 badges for responsible and coordinated disclosure, found a security vulnerability affecting csb-battery.com.tw website and its users. Following coordinated and responsible...

csb-battery.com XSS vulnerability

Open Bug Bounty ID: OBB-693776 Description| Value ---|--- Affected Website:| csb-battery.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden...

csb-battery.com XSS vulnerability

Open Bug Bounty ID: OBB-512010 Description| Value ---|--- Affected Website:| csb-battery.com Open Bug Bounty Program:| Not created yet Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N...

Several vulnerabilities in third party extensions

Several vulnerabilities have been found in the following third-party TYPO3 extensions: accessibleisbrowseresults, maagformcaptcha, metafeedit, rzautocomplete, sbfolderdownload, sgzfelib, sgzlib, tqseo Release Date: June 03, 2013 Please read first: This Collective Security Bulletin CSB is a listin...

Multiple vulnerabilities in third-party extensions

Several vulnerabilities have been found in the following third party TYPO3 extensions: Commenting system Backend Module commentsbe, Tiny Market hmtinymarket, Yet Another Calendar keyac, The official twitter tweet button for your page tweetbutton, XING Button xing Release Date: September 2, 2010...

Multiple vulnerabilities in third party extensions

Several vulnerabilities have been found in the following third party TYPO3 extensions: Event Manager eventmanagement, Game Article DB gamearticledb, Simple career mlcareer, Surprise Calendar mlsurprisecalendar, Search Api Ajax Google searchajaxgoogle, Download Manager sprdownloadmanager Release...

Multiple vulnerabilities in third party extensions

Several vulnerabilities have been found in the following third party TYPO3 extensions: "AIRware Lexicon" airlexicon, "AST ZipCodeSearch" astaddresszipsearch, "Car" car, "Event Registration" eventregistr, "Solidbase Bannermanagement" SBbanner, "t3maffiliate" t3maffiliate, "AJAX Chat" vjchat Releas...