867 matches found
PYSEC-2022-43105
The d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0...
Malicious Package
Overview democritus-dates is a malicious package. This package is used for dependency confusion attempts and contains malicious code. The package now exists as a placeholder on PyPI. Remediation Avoid using all malicious instances of the democritus-dates package. References - GitHub Issue - GitHu...
d8s-dates (=0.1.0), d8s-dicts (=0.1.0) +5 more potentially affected by unknown CVE via democritus-hypothesis (=2021.1.2101)
democritus-hypothesis PYPI version =2021.1.2101 is affected by a known vulnerability. The following packages have a transitive dependency on democritus-hypothesis and may be impacted: - d8s-dates =0.1.0 - d8s-dicts =0.1.0 - d8s-domains =0.1.0 - d8s-ip-addresses =0.1.0 - d8s-strings =0.1.0 -...
PYSEC-2022-43105
The d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0...
d8s-timer (=0.1.0) potentially affected by unknown CVE via democritus-dates (=2021.2.1101)
democritus-dates PYPI version =2021.2.1101 is affected by a known vulnerability. The following packages have a transitive dependency on democritus-dates and may be impacted: - d8s-timer =0.1.0 Source cves: unknown CVE Source advisory: SNYK:PYTHON-DEMOCRITUSDATES-8400836...
d8s-dates (=0.1.0) potentially affected by unknown CVE via democritus-timezones (=2021.1.201)
democritus-timezones PYPI version =2021.1.201 is affected by a known vulnerability. The following packages have a transitive dependency on democritus-timezones and may be impacted: - d8s-dates =0.1.0 Source cves: unknown CVE Source advisory: SNYK:PYTHON-DEMOCRITUSTIMEZONES-8400832...
CVE-2022-40808
CVE-2022-40808 affects the Python package d8s-dates distributed on PyPI, where a third-party backdoor (democritus-hypothesis) in version 0.1.0 enables potential remote code execution. Affected component is the d8s-dates package as shipped; root cause is insertion of a code-execution backdoor by a...
PT-2022-25547 · Pypi · D8S-Dates +1
Name of the Vulnerable Software and Affected Versions: d8s-dates version 0.1.0 Description: The d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. Recommendations: For version...
Democritus Project 安全漏洞
Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A code execution vulnerability exists in Democritus Project version 0.1.0, which stems from a potential code execution backdoor in d8s-dates inserted by a third party, which...
PT-2022-37368 · Pypi · D8S-Dates +1
Name of the Vulnerable Software and Affected Versions: d8s-dates version 0.1.0 Description: A potential code-execution backdoor was inserted by a third party into the d8s-dates package for python, distributed on PyPI. The backdoor is related to the democritus-hypothesis package. Recommendations:...
Security Bulletin: Security vulnerabilities have been identified in WebSphere Application Server shipped with WebSphere Process Server
Summary WebSphere Application Server is shipped as a component of WebSphere Process Server. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Security Bulletin:...
CVE-2022-2376
creationtimestamp| type| source ---|---|--- 2022-09-05 16:12:11+00:00| seen| https://t.me/cibsecurity/49285 2024-11-25 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2024-11-25 2024-11-28 00:00:00+00:00| exploited| The Shadowserver...
Ubuntu: Security Advisory (USN-5109-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Additional Lifecycle Information for Receiver for Mac
This article is a supplement to theLifecycle Milestones for Citrix Workspace App and Citrix Receiver . It provides additional details on End of Maintenance and End of Support dates for the listed versions of Citrix Receiver for Mac. Additional Lifecycle Information for Receiver for Mac Receiver f...
CVE-2022-1373
creationtimestamp| type| source ---|---|--- 2022-08-18 00:40:43+00:00| seen| https://t.me/cibsecurity/48303 2024-07-19 17:55:31+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/softingsisrce.rb 2025-02-06 03:13:45+00:00| seen|...
CVE-2022-20345
creationtimestamp| type| source ---|---|--- 2022-08-03 13:20:04+00:00| seen| https://t.me/truesecator/3248 2022-08-04 07:00:05+00:00| seen| https://t.me/TopCyberTechNews/83 2022-08-11 00:26:13+00:00| seen| https://t.me/cibsecurity/47890 2022-08-20 17:00:04+00:00| seen| https://t.me/poxek/2320...
[SECURITY] Fedora 36 Update: golang-github-rickb777-date-1.19.1-3.fc36
A Go package for working with dates...
CVE-2022-34961
creationtimestamp| type| source ---|---|--- 2022-07-25 18:39:15+00:00| seen| https://t.me/cibsecurity/46931 2022-07-26 14:26:03+00:00| published-proof-of-concept| https://t.me/intelexch/15828 2022-07-26 16:33:25+00:00| seen| Telegram/FFymLLIK1VykiTo0qiu5oiOuLgw0sFOxywUPTyY6TqRLAw 2022-07-30...
Fedora: Security Advisory for golang-github-rickb777-date (FEDORA-2022-3e1ade35db)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 35 Update: golang-github-rickb777-date-1.15.3-4.fc35
A Go package for working with dates...