35 matches found
EUVD-2021-20832
Malware in sbrugna...
EUVD-2022-29037
Malicious code in bioql PyPI...
EUVD-2022-29036
Malicious code in bioql PyPI...
CVE-2022-24126
A buffer overflow in the NRSessionSearchResult parser in Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allows remote attackers to execute arbitrary code via matchmaking servers, a different vulnerability than CVE-2021-34170...
CVE-2022-24125
The matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allow remote attackers to send arbitrary push requests to clients via a RequestSendMessageToPlayers request. For example, ability to send a push message to hundreds of thousands of machines is only restricted o...
CVE-2021-34170
Bandai Namco FromSoftware Dark Souls III allows remote attackers to execute arbitrary code...
Elden Ring maker Bandai Namco hit by ransomware and data leaks
Its not been a great couple of months for gaming giant Bandai Namco. The name behind smash hit titles like Elden Ring and Dark Souls has endured a long run of cheats and hacks. Hacking concerns led to Remote Code Execution issues, and multiplayer features in Souls titles were disabled for months...
Skeletons in the Closet: Security 101 Takes a Backseat to 0-days
Rarely a month goes by without the infosec industry being plagued by a new zero-day apocalypse. Most recently in December 2021, the world was swept by a series of vulnerabilities in Log4J – a popular logging system used by thousands of systems around the world. While writing this article, the...
Elden Ring exploit traps players in infinite death loop
Back in January, we wrote about how the Dark Souls games had their online components switched off for PC gamers. This is because someone figured out how to execute code remotely on the target’s PC. Given that the multiplayer angle of Souls games is rather important, this was quite a body blow for...
CVE-2022-24125
The matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allow remote attackers to send arbitrary push requests to clients via a RequestSendMessageToPlayers request. For example, ability to send a push message to hundreds of thousands of machines is only restricted o...
CVE-2022-24125
The matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allow remote attackers to send arbitrary push requests to clients via a RequestSendMessageToPlayers request. For example, ability to send a push message to hundreds of thousands of machines is only restricted o...
CVE-2022-24125
The matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allow remote attackers to send arbitrary push requests to clients via a RequestSendMessageToPlayers request. For example, ability to send a push message to hundreds of thousands of machines is only restricted o...
Authentication flaw
The matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allow remote attackers to send arbitrary push requests to clients via a RequestSendMessageToPlayers request. For example, ability to send a push message to hundreds of thousands of machines is only restricted o...
CVE-2022-24126
A buffer overflow in the NRSessionSearchResult parser in Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allows remote attackers to execute arbitrary code via matchmaking servers, a different vulnerability than CVE-2021-34170...
CVE-2022-24126
A buffer overflow in the NRSessionSearchResult parser in Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allows remote attackers to execute arbitrary code via matchmaking servers, a different vulnerability than CVE-2021-34170...
CVE-2022-24126
A buffer overflow in the NRSessionSearchResult parser in Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allows remote attackers to execute arbitrary code via matchmaking servers, a different vulnerability than CVE-2021-34170...
Buffer overflow
A buffer overflow in the NRSessionSearchResult parser in Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allows remote attackers to execute arbitrary code via matchmaking servers, a different vulnerability than CVE-2021-34170...
CVE-2022-24125
Dark Souls III’s matchmaking server vulnerability CVE-2022-24125 allows remote attackers to send arbitrary push messages to clients via RequestSendMessageToPlayers, bypassing client-side restrictions. The issue affects DS3 versions up to 2022-03-19 and can enable large-scale pushes to hundreds of...
CVE-2022-24125
The matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allow remote attackers to send arbitrary push requests to clients via a RequestSendMessageToPlayers request. For example, ability to send a push message to hundreds of thousands of machines is only restricted o...
PT-2022-16479 · Fromsoftware · Dark Souls Iii
Name of the Vulnerable Software and Affected Versions: Dark Souls III versions through 2022-03-19 Description: The matchmaking servers allow remote attackers to send arbitrary push requests to clients via a "RequestSendMessageToPlayers" request. This issue is restricted on the client side and can...