44 matches found
EUVD-2020-26771
Malware in sbrugna...
Verifiable Weighted Secret Sharing
Traditionally, threshold secret sharing TSS schemes assume all parties have equal weight, yet emerging systems like blockchains reveal disparities in party trustworthiness, such as stake or reputation. Weighted Secret Sharing WSS addresses this by assigning varying weights to parties, ensuring...
CVE-2020-5610
Global TechStream GTS for TOYOTA dealers version 15.10.032 and earlier allows an attacker to cause a denial-of-service DoS condition and execute arbitrary code via unspecified vectors...
Malicious code in bmw.dealers.web (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-1828 Malicious code in bmw.dealers.web (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2024-25842
CVE-2024-25842 affects the PrestaWorld Prestasalesmanager module used with PrestaShop up to version 9.0. The issue allows remote attackers to escalate privileges and access sensitive information via the uploadLogo() and postProcess() methods in the module. Concrete details across multiple sources...
CVE-2024-25842
An issue was discovered in Presta World "Account Manager - Sales Representative & Dealers - CRM" prestasalesmanager module for PrestaShop before version 9.0, allows remote attackers to escalate privilege and obtain sensitive information via the uploadLogo and postProcess methods...
CVE-2024-25842
An issue was discovered in Presta World "Account Manager - Sales Representative & Dealers - CRM" prestasalesmanager module for PrestaShop before version 9.0, allows remote attackers to escalate privilege and obtain sensitive information via the uploadLogo and postProcess methods...
CVE-2024-25840
In the module "Account Manager | Sales Representative & Dealers | CRM" prestasalesmanager up to 9.0 from Presta World for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack...
CVE-2024-25840
In the module "Account Manager | Sales Representative & Dealers | CRM" prestasalesmanager up to 9.0 from Presta World for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack...
Path traversal
In the module "Account Manager | Sales Representative & Dealers | CRM" prestasalesmanager up to 9.0 from Presta World for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack...
CVE-2024-25840
In the module "Account Manager | Sales Representative & Dealers | CRM" prestasalesmanager up to 9.0 from Presta World for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack...
dealers-planet.de Cross Site Scripting vulnerability OBB-3388475
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
dealers.antiquesnavigator.com Cross Site Scripting vulnerability OBB-3232774
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
dealers-planet.de Cross Site Scripting vulnerability OBB-2678873
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2020-5610
Global TechStream GTS for TOYOTA dealers version 15.10.032 and earlier allows an attacker to cause a denial-of-service DoS condition and execute arbitrary code via unspecified vectors...
Design/Logic Flaw
Global TechStream GTS for TOYOTA dealers version 15.10.032 and earlier allows an attacker to cause a denial-of-service DoS condition and execute arbitrary code via unspecified vectors...
CVE-2020-5610
CVE-2020-5610 affects Global TechStream (GTS) for TOYOTA dealers (version 15.10.032 and earlier). Multiple connected sources describe a buffer overflow (CWE-121) in GTS that can allow an attacker to execute arbitrary code or cause a denial-of-service (DoS). The root cause is a vulnerability in GT...
Weed Sales on the Dark Web Surged Early in the Pandemic
Research shows that as Covid-19 lockdowns spread, people turned to internet dealers for their pot fix...
A Brisk Private Trade in Zero-Days Widens Their Use
There were more zero-days exploited in 2019 than any of the previous three years, according to telemetry from FireEye Mandiant. The firm said that’s likely due to more zero-days coming up for sale by cyber-weapons dealers like NSO Group; a growing commercial market has made such tools much more...