78 matches found
Malicious code in python-guild (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e80e97d90a6fe86d94b3d80feac7f7f53e0eb1ee29320ebb7612cdf7a5449f3d --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: spl-types-rentry-2024-07 Reasons based on the campaign: -...
MAL-2024-10133 Malicious code in python-guild (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e80e97d90a6fe86d94b3d80feac7f7f53e0eb1ee29320ebb7612cdf7a5449f3d --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: spl-types-rentry-2024-07 Reasons based on the campaign: -...
tickets.texascraftbrewersguild.org Cross Site Scripting vulnerability OBB-3879065
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
athleteguild.com Cross Site Scripting vulnerability OBB-3846607
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress Guild Raid Progression for WoW and Raider IO Plugin < 1.0.3 is vulnerable to Cross Site Scripting (XSS)
Software Guild Raid Progression for WoW and Raider IO Type Plugin Vulnerable versions 1.0.3 Fixed in 1.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 44f4e0b3ae81 Credits Rafie...
@guild-docs/client (>=2.0.0 <=4.0.0-alpha-b500768.0) potentially affected by CVE-2022-36036 via mdx-mermaid (=1.2.2)
mdx-mermaid NPM version =1.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on mdx-mermaid and may be impacted: - @guild-docs/client =2.0.0, =4.0.0-alpha-b500768.0 Source cves: CVE-2022-36036 Source advisory: OSV:GHSA-RVGM-35JW-Q628...
Malicious code in mobile-guild-kb (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a5411acc8e88aa97cb7acff34873c8baf6b92d02bd87cd23292294dae6a232ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-4651 Malicious code in mobile-guild-kb (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a5411acc8e88aa97cb7acff34873c8baf6b92d02bd87cd23292294dae6a232ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2020-27384
The Gw2-64.exe in Guild Wars 2 launcher version 106916 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exist due to the improper permissions, with the 'F' flag...
CVE-2020-27384
The Gw2-64.exe in Guild Wars 2 launcher version 106916 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exist due to the improper permissions, with the 'F' flag...
Privilege escalation
The Gw2-64.exe in Guild Wars 2 launcher version 106916 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exist due to the improper permissions, with the 'F' flag...
CVE-2020-27384
CVE-2020-27384 affects the Guild Wars 2 launcher (Gw2-64.exe) in version 106916. The issue is an elevation of privileges caused by improper permissions: the directory tree for Guild Wars 2 has world-writable access due to the F flag (Full Control) granted to Everyone, allowing an authenticated us...
CVE-2020-27384
The Gw2-64.exe in Guild Wars 2 launcher version 106916 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exist due to the improper permissions, with the 'F' flag...
Guild Wars 2 安全漏洞
Guild Wars 2 Guild Wars 2 is a role-playing computer client game. A security vulnerability exists in Guild Wars 2 launcher version 106916, which stems from improper privilege control. An authenticated attacker can use this vulnerability to modify an existing executable file with a binary of his...
The Guild Graphql Tools Command Injection Vulnerability
The Guild Graphql Tools is a tool from The Guild that generates graphql query statements based on a specific syntax. A command injection vulnerability exists in graphql-tools/git-loader prior to version 6.2.6, which stems from the use of exec and execSync in packages/loaders/git/src/load-git.ts t...
Red Discord Bot Elevation of Privilege Vulnerability
Red Discord Bot is a modular robot written in Python by an individual developer. The bot software can be configured to accomplish different functions depending on the module. A security vulnerability exists in Red Discord Bot versions prior to 3.4.1 that stems from an unauthorized privilege...
CVE-2020-15278
Red Discord Bot before version 3.4.1 has an unauthorized privilege escalation exploit in the Mod module. This exploit allows Discord users with a high privilege level within the guild to bypass hierarchy checks when the application is in a specific condition that is beyond that user's control. By...
PYSEC-2020-267
Red Discord Bot before version 3.4.1 has an unauthorized privilege escalation exploit in the Mod module. This exploit allows Discord users with a high privilege level within the guild to bypass hierarchy checks when the application is in a specific condition that is beyond that user's control. By...
CVE-2020-15278 Unauthorized privilege escalation in Mod module
Red Discord Bot before version 3.4.1 has an unauthorized privilege escalation exploit in the Mod module. This exploit allows Discord users with a high privilege level within the guild to bypass hierarchy checks when the application is in a specific condition that is beyond that user's control. By...
Guild Wars 2 - Insecure Folder Permissions Vulnerability
Exploit Title: Guild Wars 2 - Insecure Folder Permissions Exploit Author: George Tsimpidas Software Link : https://account.arena.net/welcome Version Build : 106915 Tested on: Microsoft Windows 10 Home 10.0.18362 N/A Build 18362 Category: local Vulnerability Description: Guild Wars 2 Launcher...