129 matches found
CVE-2020-6607
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...
aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +412 more potentially affected by CVE-2023-31047 via django (>=4.0.0 <=4.1.8)
django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =0.1.0, =0.0.3, =4.0.9.0, =3.1.1, =3.6.4, =3.7.0 and more Source cves: CVE-2023-31047 Source advisory: OSV:PYSEC-2023-61...
Read The Manual Locker: A Private RaaS Provider
Read The Manual Locker: A Private RaaS Provider By Trellix · April 13, 2023 This blog was written by Max Kersten The underground intelligence was obtained byN074B07. Another day, another ransomware-as-a-service RaaS provider, or so it seems. We’ve observed the “Read The Manual” RTM Locker gang,...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...
Ransomware review: February 2023
This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their Dark Web leak sites. This information represents victims who were successfully attacke...
Studio Console Shows "Enable DaaS" for First Time Use
Citrix DaaS customers encounter the following message indicating their service needs to be enabled for one of the following reasons: 1 DaaS must be enabled for first time use 2 DaaS is disabled due to inactivity 3 DaaS subscription licenses are updated renewal or net new...
CVE-2021-34603
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...
CVE-2020-2047
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...
CVE-2020-12545
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...
CVE-2019-17443
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...
CVE-2019-5641
Rapid7 InsightVM suffers from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the Inspect Element browser feature to remove the login panel and view the details available in the last webpage visited by previous user...
CVE-2019-5641
Rapid7 InsightVM suffers from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the Inspect Element browser feature to remove the login panel and view the details available in the last webpage visited by previous user...
CVE-2019-5641 Rapid7 InsightVM Information Disclosure after Logout
Rapid7 InsightVM suffers from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the Inspect Element browser feature to remove the login panel and view the details available in the last webpage visited by previous user...
Rapid7 InsightVM 代码问题漏洞
Rapid7 InsightVM is a vulnerability scanning and management application from Rapid7 USA. A security vulnerability exists in Rapid7 InsightVM that stems from the presence of an information disclosure issue that allows an attacker to use the Inspect Element browser feature to delete the login panel...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none...
Seven ways in which the Owner and Proxy Admin can make users lose funds ("rug vectors")
Lines of code Vulnerability details The contest explicitly asks to analyze the contract for "Rug Vectors", so that is what this issue is about. note to reviewers This issue list maybe 7 different problems and recommends different fixes. I could have made seven separate issues for each, but it wou...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...
The life cycle of phishing pages
Introduction In this study, we analyzed how long phishing pages survive as well as the signs they show when they become inactive. In addition to the general data, we provided a number of options for classifying phishing pages according to formal criteria and analyzed the results for each of them...
CVE-2019-5640
Rapid7 Nexpose versions prior to 6.6.114 suffer from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the inspect element browser feature to remove the login panel and view the details available in the last webpage visited by previous...
Rapid7 Nexpose 信息泄露漏洞
Rapid7 Nexpose is a set of vulnerability management software from Rapid7, Inc. that can use scan results to deeply probe a network. The software supports scanning configuration environments for errors, vulnerabilities, malware, etc. Rapid7 Nexpose has an information disclosure vulnerability that...