Lucene search
K

25 matches found

CNVD
CNVD
added 2023/08/16 12:0 a.m.19 views

Zyxel NBG6604 Command Injection Vulnerability (CNVD-2023-64085)

The Zyxel NBG6604 is a dual-band wireless router from China's Hopkins Zyxel. The Zyxel NBG6604 V1.01ABIR.1C0 suffers from a command injection vulnerability that stems from a failure to properly filter constructed command special characters, commands, etc. in the NTP function. An attacker can...

8.8CVSS7.7AI score0.0143EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/03/16 12:0 a.m.12 views

FreeBSD : wordpress -- multiple issues (5df757ef-a564-11ec-85fa-a0369f7f7be0)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 5df757ef-a564-11ec-85fa-a0369f7f7be0 advisory. - wordpress developers reports: This security and maintenance release features 1 bug fix in addition to...

5.5AI score
Exploits0References2
FreeBSD
FreeBSD
added 2022/03/11 12:0 a.m.8 views

wordpress -- multiple issues

wordpress developers reports: This security and maintenance release features 1 bug fix in addition to 3 security fixes. Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 3.7 have also been updated. The security team would li...

2.3AI score
Exploits0References1
CNNVD
CNNVD
added 2021/12/29 12:0 a.m.3 views

Zyxel NBG6604 代码问题漏洞

The Zyxel NBG6604 is a dual-band wireless router from China-based Hopkins Technology Zyxel. An access control error vulnerability exists in the Zyxel NBG6604 that originates from the product's CGI program allowing users with expired sessions to access the device. No details of the vulnerability a...

9.1CVSS5.6AI score0.01044EPSS
Exploits0References2
Openbugbounty
Openbugbounty
added 2021/09/08 11:45 a.m.16 views

hopkinsmedicine.org Cross Site Scripting vulnerability OBB-2135714

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| hopkinsmedicine.org ---|--- Open Bug...

6.2AI score
Exploits0
Snyk
Snyk
added 2021/01/26 6:55 a.m.3 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection. The injection point is located in line 9 in index.js. PoC var root = require"ffmpeg-sdk"; root.execute"touch JHU"; Remediation There is no fixed version for ffmpeg-sdk. Credit: JHU System Security Lab...

9.8CVSS7.3AI score0.01112EPSS
Exploits1References2
Openbugbounty
Openbugbounty
added 2020/09/26 7:57 a.m.7 views

hopkinsmedicine.org Cross Site Scripting vulnerability OBB-1365011

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Exploits0
Openbugbounty
Openbugbounty
added 2020/07/16 10:32 a.m.8 views

hopkinsmedicine.org Cross Site Scripting vulnerability OBB-1227648

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/04/27 2:47 a.m.8 views

hopkinsmedicine.org Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1150884 Security Researcher ELProfesor Helped patch 2814 vulnerabilities Received 8 Coordinated Disclosure badges Received 107 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting hopkinsmedicine.org...

0.2AI score
Exploits0
ThreatPost
ThreatPost
added 2020/03/31 10:0 a.m.72 views

Covid-19 Poll Results: One in Four Prioritize Health Over Privacy

One in four respondents to a Threatpost reader poll said they were okay with sacrificing a portion of their personal privacy in exchange for some form of cellphone tracking that could – in theory – reduce coronavirus infection rates and save lives. While the majority of Threatpost readers were...

7AI score
Exploits0References14
Krebs on Security
Krebs on Security
added 2020/03/12 3:53 p.m.110 views

Live Coronavirus Map Used to Spread Malware

Cybercriminals constantly latch on to news items that captivate the public's attention, but usually they do so by sensationalizing the topic or spreading misinformation about it. Recently, however, cybercrooks have started disseminating real-time, accurate information about global infection rates...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2020/03/11 3:8 p.m.78 views

Beware of 'Coronavirus Maps' – It's a malware infecting PCs to steal passwords

Cybercriminals will stop at nothing to exploit every chance to prey on internet users. Even the disastrous spread of SARS-COV-II the virus, which causes COVID-19 the disease, is becoming an opportunity for them to likewise spread malware or launch cyber attacks. Reason Labs recently released a...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/11/25 2:14 a.m.11 views

hopkinsmedicine.org XSS vulnerability

Open Bug Bounty ID: OBB-432242 Description| Value ---|--- Affected Website:| hopkinsmedicine.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/05/06 8:53 p.m.10 views

hopkinsmedicine.org XSS vulnerability

Open Bug Bounty ID: OBB-232840 Description| Value ---|--- Affected Website:| hopkinsmedicine.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
ThreatPost
ThreatPost
added 2016/03/22 11:28 a.m.8 views

Deluge of Apple Patches Fix Vulnerabilities in OS X, iOS, Safari, and More

In addition to fixing the serious crypto vulnerabilities in iMessage that surfaced yesterday, Apple also deployed patches for nearly all of its products, including Safari, OS X, iOS, Apple TV’s tvOS, and watchOS. The iOS update, 9.3, is arguably the most pressing given the cryptographic issue dug...

0.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2016/03/21 3:56 p.m.17 views

Johns Hopkins Researchers: Crypto Flaws Endanger iMessage Integrity

When Apple released its iOS Security Guide for public consumption, it was an unprecedented look inside the security architecture behind its products. For cryptographer and professor Matthew Green and a team of four Johns Hopkins University graduate students, it was a road map to understanding not...

6.5AI score
Exploits0References4
ThreatPost
ThreatPost
added 2015/02/19 12:15 p.m.13 views

TrueCrypt Audit Cryptanalysis Handed Off to NCC Group

The stagnant TrueCrypt audit stirred to life in the last 24 hours with the announcement that the second phase of the audit, tasked with examining the cryptography behind the open source disk encryption software, will begin shortly. NCC Group’s Cryptography Services has been contracted to do the...

0.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2015/01/15 2:41 p.m.9 views

Matthew Green on the NSA and Compromising Crypto Standards

Dennis Fisher talks with Matthew Green of Johns Hopkins University about the NSA’s “regret” for continuing to support Dual EC after it had been shown to be compromised, the effects of the agency’s influence on crypto standards and the hope for more secure standards in the future. Download:...

2.9AI score
Exploits0References2
ThreatPost
ThreatPost
added 2014/05/29 9:38 a.m.8 views

OpenSSL Receives Funding for Developers, Will Undergo Security Audit

Scarcely a month after announcing the formation of a group designed to help fund open source projects, the Core Infrastructure Initiative has decided to provide the OpenSSL Project with enough money to hire two full-time developers and also will fund an audit of OpenSSL by the Open Crypto Audit...

7AI score
Exploits0References4
ThreatPost
ThreatPost
added 2014/04/02 11:38 a.m.10 views

Matthew Green on the NSA and Crypto Backdoors

Dennis Fisher talks with Matthew Green of Johns Hopkins University about the paper he co-authored on the Extended Random extension for Dual EC DRBG and whether it could be considered a backdoor. Download: digitalunderground149.mp3...

1.9AI score
Exploits0References2
Rows per page
Query Builder