36 matches found
EUVD-2024-37803
Malicious code in bioql PyPI...
When AI chatbots leak and how it happens
In a recent article on Cybernews there were two clear signs of how fast the world of AI chatbots is growing. A company I had never even heard of had over 150 million app downloads across its portfolio, and it also had an exposed unprotected Elasticsearch instance. This needs a bit of an...
A Bootiful Podcast: Java Champion and legend Henri Tremblay
Hi, Spring fans! In this installment I talk to Henri Tremblay, head of TS Imagine Canada, Java Champion, Montreal JUG leader, EasyMock lead dev and all around legend!...
Malicious code in rexz-imagine-ai (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2a5880974c43ddaa1e24f3eecce7e9eb1e66d31adb347a095436a27316c30097 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2278 Malicious code in rexz-imagine-ai (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2a5880974c43ddaa1e24f3eecce7e9eb1e66d31adb347a095436a27316c30097 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
The vulnerability of the Imagine Cup platform’s code execution mechanism for Microsoft Azure Functions allows a hacker to gain unauthorized access to protected information.
The vulnerability of the Imagine Cup platform’s Microsoft Azure Functions component is related to lack of access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk
A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances. The vulnerability, tracked as CVE-2024-9486 CVSS score: 9.8, has been addressed in version 0.1.38. The project maintainers...
Microsoft Imagine Cup site information disclosure vulnerability
Microsoft Imagine Cup is a developer tool from Microsoft Corporation USA. The Microsoft Imagine Cup site suffers from an information disclosure vulnerability that stems from incorrect access control. An attacker could exploit the vulnerability to elevate privileges over a network...
CVE-2024-38204
Improper access control in Imagine Cup allows an authorized attacker to elevate privileges over a network...
CVE-2024-38204 Imagine Cup site Information Disclosure Vulnerability
...
CVE-2024-38204 Imagine Cup site Information Disclosure Vulnerability
...
CVE-2024-38204
CVE-2024-38204 is an improper access control vulnerability affecting Microsoft Imagine Cup (site). Connected sources confirm an authorized attacker could elevate privileges over a network due to insufficient access control. Microsoft’s MSRC entry and other feeds link this CVE to Microsoft Azure F...
Imagine Cup site Information Disclosure Vulnerability
Improper access control in Imagine Cup allows an authorized attacker to elevate privileges over a network...
PT-2024-7082 · Microsoft · Azure Functions +1
Name of the Vulnerable Software and Affected Versions: Imagine Cup affected versions not specified Description: The issue is related to improper access control in Imagine Cup, allowing an authorized attacker to elevate privileges over a network. This can potentially lead to unauthorized access to...
Microsoft Imagine Cup 访问控制错误漏洞
Microsoft Imagine Cup is a developer tool from Microsoft Corporation USA. The Microsoft Imagine Cup site suffers from an information disclosure vulnerability that stems from incorrect access control. An attacker could exploit the vulnerability to elevate privileges over a network...
imaginetravel.be Cross Site Scripting vulnerability OBB-3889944
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
IWT Imagine CMS 1.0 Cross Site Scripting
==================================================================================================================================== | Title : IWT Imagineِ CMS v1.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.232-bit | | Vend...
imagine-picasso.com Cross Site Scripting vulnerability OBB-3582748
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
imagine-picasso.com Cross Site Scripting vulnerability OBB-3371242
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
imagin-labs.net Cross Site Scripting vulnerability OBB-2853822
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...