721 matches found
CVE-2024-45781
A flaw was found in grub2. When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length taken as an input. The lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and eventually allowing an attacker to circumvent secure...
CVE-2025-0622
A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If...
CVE-2025-0677
A flaw was found in grub2. When performing a symlink lookup, the grub's UFS module checks the inode's data size to allocate the internal buffer to read the file content, however, it fails to check if the symlink data size has overflown. When this occurs, grubmalloc may be called with a smaller...
CVE-2025-1118
A flaw was found in grub2. Grub's dump command is not blocked when grub is in lockdown mode, which allows the user to read any memory information, and an attacker may leverage this in order to extract signatures, salts, and other sensitive information from the memory...
CVE-2025-1125
When reading data from a hfs filesystem, grub's hfs filesystem module uses user-controlled parameters from the filesystem metadata to calculate the internal buffers size, however it misses to properly check for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size...
CVE-2024-45780
A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It's possible to cause the allocation length to overflow with a crafted tar file, leading to a heap...
CVE-2025-0684
A flaw was found in grub2. When performing a symlink lookup from a reiserfs filesystem, grub's reiserfs fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly crafted filesyste...
CVE-2025-0690
The read command is used to read the keyboard input from the user, while reads it keeps the input length in a 32-bit integer value which is further used to reallocate the line buffer to accept the next character. During this process, with a line big enough it's possible to make this variable to...
Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware
A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer aka AMOS, and Angel Drainer. "Specializing in...
Ruifang-tech Rebuild 安全漏洞
Ruifang-tech Rebuild is a zero-code, open-source and free enterprise management system from China Ruifang Ruifang-tech. A security vulnerability exists in Ruifang-tech Rebuild version 3.8.6. An attacker can exploit the vulnerability by incorrectly manipulating the nexturl parameter with the input...
Malicious code in evil-package-for-test2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d141529121b568f8705000de163ace0e815677592f10b3a603b92431e105aefe Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in evil-package-for-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a239752739844b809432df8dcc829f77e1a30400c98e4d475d703d3fd7dceb34 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11141 Malicious code in evil-package-for-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a239752739844b809432df8dcc829f77e1a30400c98e4d475d703d3fd7dceb34 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10743 Malicious code in alex_evil-test-package (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 055ea9627aa88ed77488e1c0cdc293a76dfe9e3d24d6fbfc3c897233e426303d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-49504
grub2 allowed attackers with access to the grub shell to access files on the encrypted disks...
Malicious code in test-evil-pkg-reverse (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 61acc3b6b342e65ed4e73d06d4e1361360c9c90c1d6d4974045bceee140bd1dc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
THN Cybersecurity Recap: Top Threats and Trends (Sep 30 - Oct 6)
Ever heard of a "pig butchering" scam? Or a DDoS attack so big it could melt your brain? This week's cybersecurity recap has it all – government showdowns, sneaky malware, and even a dash of app store shenanigans. Get the scoop before it's too late! ⚡ Threat of the Week Double Trouble: Evil Corp&...
LockBit Ransomware and Evil Corp Members Arrested and Sanctioned in Joint Global Effort
A new wave of international law enforcement actions has led to four arrests and the takedown of nine servers linked to the LockBit aka Bitwise Spider ransomware operation, marking the latest salvo against what was once a prolific financially motivated group. This includes the arrest of a suspecte...
Notorious Evil Corp Hackers Targeted NATO Allies for Russian Intelligence
UK law enforcement and international partners have released new details about the cybercriminal gang Evil Corp, including its use of the Lockbit ransomware platform and ties to Russian intelligence...
Malicious code in evil-select-pkg (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 db8225867ca74c2a2192382dc4abcc5119fb1ac07049412245e3a686524138f8 Package description attempts to pentest/exploit the PyPI web interface. --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but als...