Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CVE
CVEadded 2024/11/04 12:0 a.m.54 views

CVE-2024-34882

CVE-2024-34882 affects 1C-Bitrix Bitrix24 v23.300.100. The root cause is insufficient protection of credentials in SMTP server settings, enabling remote administrators to exfiltrate SMTP account passwords to an arbitrary server via HTTP POST. Impact is credential exposure from the SMTP configurat...

6.8CVSS6.8AI score0.00146EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2023/02/25 11:18 p.m.7 views

MAL-2023-5181 Malicious code in py-httppost (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx acddf75f234007d90d4faba8447994288d17044e88aab075c437b9deef9e96ac EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

7.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2023/02/25 11:18 p.m.2 views

Malicious code in py-httppost (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx acddf75f234007d90d4faba8447994288d17044e88aab075c437b9deef9e96ac EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

7AI score
Exploits0References1
The Hacker News
The Hacker Newsadded 2020/12/07 2:39 p.m.46 views

Iranian RANA Android Malware Also Spies On Instant Messengers

A team of researchers today unveiled previously undisclosed capabilities of an Android spyware implant—developed by a sanctioned Iranian threat actor—that could let attackers spy on private chats from popular instant messaging apps, force Wi-Fi connections, and auto-answer calls from specific...

0.3AI score
Exploits0
Veracode
Veracodeadded 2019/07/10 3:51 a.m.6 views

Denial Of Service (DoS)

pycurl is vulnerable to denial of service DoS. The vulnerability exists through a use-after-free weakness in HTTPPOST when using FORMBUFFERPTR, allowing an attacker to crash the application via a malicious unicode string...

6.3AI score
Exploits0
Mageia
Mageiaadded 2015/11/10 9:26 p.m.23 views

Updated python-curl packages fix security vulnerability

A use-after-free vulnerability was found in Curl object's HTTPPOST setopt when a Unicode value is passed as a value with a FORMBUFFERPTR. The str object created from the passed in unicode object would have its buffer used but the unicode object would be stored instead of the str object rhbz127748...

0.5AI score
Exploits0References3
OSV
OSVadded 2015/11/10 9:26 p.m.2 views

MGASA-2015-0440 Updated python-curl packages fix security vulnerability

A use-after-free vulnerability was found in Curl object's HTTPPOST setopt when a Unicode value is passed as a value with a FORMBUFFERPTR. The str object created from the passed in unicode object would have its buffer used but the unicode object would be stored instead of the str object rhbz127748...

6.9AI score
Exploits0References4
Rows per page
Query Builder