Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2017-11547

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The resamplegauss function in resample.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted mid...

5.5CVSS5.8AI score0.01097EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in gauss-react-rest (npm)

The package gauss-react-rest was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.4 views

MAL-2025-21216 Malicious code in gauss-react-rest (npm)

The package gauss-react-rest was found to contain malicious code...

7.2AI score
Exploits0
Github Security Blog
Github Security Blog
added 2024/07/29 5:46 p.m.53 views

fast-xml-parser vulnerable to ReDOS at currency parsing

Summary A ReDOS that exists on currency.js was discovered by Gauss Security Labs R&D team. Details https://github.com/NaturalIntelligence/fast-xml-parser/blob/v4.4.0/src/v5/valueParsers/currency.jsL10 contains a vulnerable regex PoC pass the following string '\t'.repeat13337 + '.' Impact Denial o...

7.5CVSS7.4AI score0.00828EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2020/02/18 3:15 a.m.1 views

CVE-2020-1790

GaussDB 200 with version of 6.5.1 have a command injection vulnerability. The software constructs part of a command using external input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands...

8.8CVSS7.3AI score
Exploits0References1
Openbugbounty
Openbugbounty
added 2018/10/30 11:11 p.m.9 views

gauss-mm.hu XSS vulnerability

Open Bug Bounty ID: OBB-693229 Description| Value ---|--- Affected Website:| gauss-mm.hu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden unti...

0.1AI score
Exploits0
CNVD
CNVD
added 2017/08/03 12:0 a.m.2 views

TiMidity++ 'resample_gauss' Function Denial of Service Vulnerability

TiMidity++ is an open source audio file converter and player that can convert MIDI files to other formats. A security vulnerability exists in the 'resamplegauss' function of the resample.c file in TiMidity++ version 2.14.0. A remote attacker can exploit this vulnerability to cause a denial of...

5.5CVSS7AI score0.01097EPSS
Exploits0References1
OSV
OSV
added 2017/07/31 1:29 p.m.1 views

DEBIAN-CVE-2017-11547

The resamplegauss function in resample.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted mid file. NOTE: a crash might be relevant when using the --background option. NOTE: the TiMidity++ README.alsaseq documentation suggests a...

5.5CVSS5.2AI score0.01097EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2014/03/12 11:28 a.m.8 views

Agent.btz Malware May Have Served as Starting Point for Red October, Turla

Researchers looking into the recently uncovered Turla, or Snake, cyber espionage campaign have discovered some similarities connecting it to older pieces of malware such as Agent.btz, the worm that several years ago infected U.S. military networks and eventually caused the Department of Defense t...

7AI score
Exploits0References3
The Hacker News
The Hacker News
added 2013/11/10 3:38 p.m.10 views

Stuxnet also infected the internal network of a Russian nuclear plant

We have a lot of information on Stuxnet virus, a powerful malware that for the first time has shown to governments the capabilities and efficiency of a cyber weapon. Eugene Kaspersky, CEO of Kasperky security firm revealed that Stuxnet had badly infected the internal network of a Russian nuclear...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2013/01/02 4:59 p.m.9 views

2012: What Have We Learned

There’s a natural inclination for people at the end of each year to look back, take stock and try to draw some grand meaning or life lessons out of the events of the past 12 months. This is a particularly risky and difficult thing to do in the security industry, given its inherent unpredictabilit...

7.3AI score
Exploits0References9
ThreatPost
ThreatPost
added 2012/12/31 1:3 p.m.7 views

Tool Aids in Cracking Mysterious Gauss Malware Encryption

The mystery wrapped inside a riddle that is the Gauss malware’s encryption scheme may be closer to falling. Late last week, researcher Jens Steube, known as Atom, put the wraps on a tool that should bring experts closer to breaking open the encryption surrounding the espionage malware’s payload...

6.9AI score
Exploits0References4
ThreatPost
ThreatPost
added 2012/11/16 3:32 p.m.9 views

More Flame Modules Could Be Lurking

BROOKLYN, NY–After years of research and investigation into the cyber-espionage attacks that began with the discovery of Stuxnet and continued with Flame, Duqu and Gauss, there still are many details that are unknown. While researchers have a pretty good handle on many of the tools’ capabilities,...

Exploits0References5
The Hacker News
The Hacker News
added 2012/10/15 3:22 p.m.11 views

miniFlame - A New cyber espionage malware discovered

Kaspersky has discovered new malware dubbed 'miniFlame', cyber espionage software directly linked to Flame. This new nation-state espionage malware that has ties to two previous espionage tools known as Flame and Gauss, and that appears to be a "high-precision, surgical attack tool" targeting...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2012/10/15 12:30 p.m.17 views

Precision Espionage miniFlame Malware Tied to Flame, Gauss

One of three previously unseen pieces of malware discovered during forensic analysis of the Flame malware command-and-control servers has been identified as a secondary surveillance tool deployed against specially identified targets, and only after an initial Flame or Gauss compromise, researcher...

0.2AI score
Exploits0References6
The Hacker News
The Hacker News
added 2012/09/08 3:29 p.m.9 views

Gauss Malware Detection Tool released by Iranian CERT

Iranian National Computer Emergency Response Team releases a tool for Gauss malware detection. Cyber surveillance virus has been found in the Middle East that can spy on banking transactions and steal login and passwords, according Kaspersky Lab, a leading computer security firm. Gauss primarily...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2012/08/10 6:54 p.m.9 views

Kaspersky Labs uncover 'Gauss' Espionage Malware hits Middle East banks

A new cyber surveillance virus has been found in the Middle East that can spy on banking transactions and steal login and passwords, according Kaspersky Lab, a leading computer security firm. After Stuxnet, Duqu, and Flame, this one seems to mainly spy on computer users in Lebanon. It's been dubb...

6.6AI score
Exploits0
ThreatPost
ThreatPost
added 2012/08/10 3:57 p.m.6 views

Researchers Release Detection Tool For Gauss Malware's Palida Narrow Font

One of the many mysteries around the discovery of the Gauss malware is why the tool installs a new font called Palida Narrow on infected machines. Researchers have been unable to figure out yet what the purpose of the font is, but as its presence on a PC is a good indicator of a Gauss infection,...

1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2012/08/10 3:3 p.m.10 views

Infographic: Stuxnet's Cyberwar Vines Untangled

Keeping track of the relationships between various malware families can be hard, especially when you’re talking about espionage tools such as Stuxnet and Gauss. Veracode has put together an infographic as a general recap of the life and times of Stuxnet, the much-discussed cyber worm that first...

0.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2012/08/09 1:31 p.m.41 views

New Gauss Malware, Descended From Flame and Stuxnet, Found On Thousands of PCs in Middle East

A new piece of malware dubbed Gauss, that experts say is a direct descendant of Flame and also related to Stuxnet and Duqu, has been found on thousands of PCs in the Middle East, mostly in Lebanon. Gauss contains some of the same code as Flame, but is markedly different in a number of respects,...

9.3CVSS7.5AI score0.91324EPSS
Exploits13References5
Rows per page
Query Builder