Lucene search
K

78 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2024/07/03 5:4 p.m.6 views

Malicious code in python-guild (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e80e97d90a6fe86d94b3d80feac7f7f53e0eb1ee29320ebb7612cdf7a5449f3d --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: spl-types-rentry-2024-07 Reasons based on the campaign: -...

7AI score
Exploits0References3
OSV
OSV
added 2024/07/03 5:4 p.m.7 views

MAL-2024-10133 Malicious code in python-guild (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e80e97d90a6fe86d94b3d80feac7f7f53e0eb1ee29320ebb7612cdf7a5449f3d --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: spl-types-rentry-2024-07 Reasons based on the campaign: -...

6.9AI score
Exploits0References3
Openbugbounty
Openbugbounty
added 2024/03/19 1:3 p.m.5 views

tickets.texascraftbrewersguild.org Cross Site Scripting vulnerability OBB-3879065

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2024/01/31 10:47 a.m.8 views

athleteguild.com Cross Site Scripting vulnerability OBB-3846607

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.13 views

WordPress Guild Raid Progression for WoW and Raider IO Plugin < 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Guild Raid Progression for WoW and Raider IO Type Plugin Vulnerable versions 1.0.3 Fixed in 1.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 44f4e0b3ae81 Credits Rafie...

6.9AI score0.00284EPSS
Exploits0References3Affected Software1
vulnersOsv
vulnersOsv
added 2022/08/31 10:26 p.m.6 views

@guild-docs/client (>=2.0.0 <=4.0.0-alpha-b500768.0) potentially affected by CVE-2022-36036 via mdx-mermaid (=1.2.2)

mdx-mermaid NPM version =1.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on mdx-mermaid and may be impacted: - @guild-docs/client =2.0.0, =4.0.0-alpha-b500768.0 Source cves: CVE-2022-36036 Source advisory: OSV:GHSA-RVGM-35JW-Q628...

7.8CVSS7.1AI score0.00383EPSS
Exploits1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:21 p.m.2 views

Malicious code in mobile-guild-kb (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a5411acc8e88aa97cb7acff34873c8baf6b92d02bd87cd23292294dae6a232ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/20 8:21 p.m.8 views

MAL-2022-4651 Malicious code in mobile-guild-kb (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a5411acc8e88aa97cb7acff34873c8baf6b92d02bd87cd23292294dae6a232ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2021/06/09 3:15 p.m.1 views

CVE-2020-27384

The Gw2-64.exe in Guild Wars 2 launcher version 106916 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exist due to the improper permissions, with the 'F' flag...

7.8CVSS7.1AI score0.0032EPSS
Exploits1References1
NVD
NVD
added 2021/06/09 3:15 p.m.16 views

CVE-2020-27384

The Gw2-64.exe in Guild Wars 2 launcher version 106916 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exist due to the improper permissions, with the 'F' flag...

7.8CVSS0.0032EPSS
Exploits1References1
Prion
Prion
added 2021/06/09 3:15 p.m.12 views

Privilege escalation

The Gw2-64.exe in Guild Wars 2 launcher version 106916 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exist due to the improper permissions, with the 'F' flag...

4.6CVSS7.5AI score0.0032EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/06/09 2:54 p.m.34 views

CVE-2020-27384

CVE-2020-27384 affects the Guild Wars 2 launcher (Gw2-64.exe) in version 106916. The issue is an elevation of privileges caused by improper permissions: the directory tree for Guild Wars 2 has world-writable access due to the F flag (Full Control) granted to Everyone, allowing an authenticated us...

7.8CVSS7.5AI score0.0032EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/06/09 2:54 p.m.18 views

CVE-2020-27384

The Gw2-64.exe in Guild Wars 2 launcher version 106916 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exist due to the improper permissions, with the 'F' flag...

7.6AI score0.0032EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/06/09 12:0 a.m.3 views

Guild Wars 2 安全漏洞

Guild Wars 2 Guild Wars 2 is a role-playing computer client game. A security vulnerability exists in Guild Wars 2 launcher version 106916, which stems from improper privilege control. An authenticated attacker can use this vulnerability to modify an existing executable file with a binary of his...

7.8CVSS7.4AI score0.0032EPSS
Exploits1References1
CNVD
CNVD
added 2021/01/22 12:0 a.m.5 views

The Guild Graphql Tools Command Injection Vulnerability

The Guild Graphql Tools is a tool from The Guild that generates graphql query statements based on a specific syntax. A command injection vulnerability exists in graphql-tools/git-loader prior to version 6.2.6, which stems from the use of exec and execSync in packages/loaders/git/src/load-git.ts t...

8.8CVSS7.1AI score0.02814EPSS
Exploits0References1
CNVD
CNVD
added 2020/10/29 12:0 a.m.0 views

Red Discord Bot Elevation of Privilege Vulnerability

Red Discord Bot is a modular robot written in Python by an individual developer. The bot software can be configured to accomplish different functions depending on the module. A security vulnerability exists in Red Discord Bot versions prior to 3.4.1 that stems from an unauthorized privilege...

7.7CVSS7.2AI score0.01065EPSS
Exploits0References1
OSV
OSV
added 2020/10/28 5:15 p.m.21 views

CVE-2020-15278

Red Discord Bot before version 3.4.1 has an unauthorized privilege escalation exploit in the Mod module. This exploit allows Discord users with a high privilege level within the guild to bypass hierarchy checks when the application is in a specific condition that is beyond that user's control. By...

7.5CVSS7.7AI score
Exploits0References3
OSV
OSV
added 2020/10/28 5:15 p.m.23 views

PYSEC-2020-267

Red Discord Bot before version 3.4.1 has an unauthorized privilege escalation exploit in the Mod module. This exploit allows Discord users with a high privilege level within the guild to bypass hierarchy checks when the application is in a specific condition that is beyond that user's control. By...

7.7CVSS2.4AI score0.01065EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/10/28 4:35 p.m.26 views

CVE-2020-15278 Unauthorized privilege escalation in Mod module

Red Discord Bot before version 3.4.1 has an unauthorized privilege escalation exploit in the Mod module. This exploit allows Discord users with a high privilege level within the guild to bypass hierarchy checks when the application is in a specific condition that is beyond that user's control. By...

7.7CVSS7.7AI score0.01065EPSS
Exploits0References3
0day.today
0day.today
added 2020/10/15 12:0 a.m.17 views

Guild Wars 2 - Insecure Folder Permissions Vulnerability

Exploit Title: Guild Wars 2 - Insecure Folder Permissions Exploit Author: George Tsimpidas Software Link : https://account.arena.net/welcome Version Build : 106915 Tested on: Microsoft Windows 10 Home 10.0.18362 N/A Build 18362 Category: local Vulnerability Description: Guild Wars 2 Launcher...

7.4AI score
Exploits0
Rows per page
Query Builder