22 matches found
EUVD-2014-3971
Malware in sbrugna...
EUVD-2020-0596
Malware in sbrugna...
EUVD-2017-18220
Malware in sbrugna...
EUVD-2014-5678
Malware in sbrugna...
EUVD-2020-26892
Malware in sbrugna...
EUVD-2019-3280
Malware in sbrugna...
EUVD-2024-54727
Malicious code in bioql PyPI...
EUVD-2024-33768
Malicious code in bioql PyPI...
EUVD-2023-35259
Malicious code in bioql PyPI...
EUVD-2024-42729
Malicious code in bioql PyPI...
CVE-2024-1643
By knowing an organization's ID, an attacker can join the organization without permission and gain the ability to read and modify all data within that organization. This vulnerability allows unauthorized access and modification of sensitive information, posing a significant security risk. The fla...
The vulnerability of the svc_i3c_masterremove() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the svci3cmasterremove function in the drivers/i3c/master/svc-i3c-master.c file of the Linux kernel is related to the reutilization of previously freed memory due to competitive access to resources race condition. Exploiting this vulnerability could allow an attacker to...
The vulnerability of the Infrastructure component of the Oracle FLEXCUBE Universal Banking system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Infrastructure component of the Oracle FLEXCUBE Universal Banking system is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected...
Malicious code in esqlgtbguistr (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 03e05eee9d71ba1e87c875c37a4d12eb52e07296554bf0ef2619143ac5e647ef EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
MAL-2023-2811 Malicious code in esqcraftrammc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 5fd5a9aafcec6ccb433d3d05a5359a3f8b0e2aa00d8d36cfc1f6d4d8737d5091 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Improper Access Control in liukuo362573/yishaadmin
Description https://www.github.com/liukuo362573/yishaadmin has an endpoint "/admin/File/DeleteFile" that allows deleting files without authentication. Root-cause Server doesn't check user's permission when attacker access the endpoint. After that, server will directly call delete function with th...
CVE-2021-40978
The mkdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain :sensitive information. NOTE: the vendor has disputed this as described in https://github.com/mkdocs/mkdocs/issues/2601. and https://github.com/nisdn/CVE-2021-40978/issues/1...
The vulnerability of the tls_trust_file command in the SMTP client Msmtp and the POP3 client Mpop allows attackers to compromise the integrity, availability, and confidentiality of information.
The vulnerability of the tlstrustfile command in the SMTP client Msmtp and the POP3 client Mpop is related to incorrect authentication of the certificate’s authenticity. Exploiting this vulnerability allows a malicious actor to compromise the integrity, availability, and confidentiality of...
Shaanxi Public Software Co., Ltd. website building system suffers from SQL injection vulnerability
Ltd. has been focusing on the promotion and application of industry informatization construction and management technology, and is a modern high-tech enterprise integrating industry informatization system, development of professional software and technical training service. Shaanxi public softwar...
The vulnerability of the iOS operating system, which allows a hacker to compromise the security of information.
The vulnerability of the HomeKit operating system’s iOS component exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to compromise information security by manipulating the Home Control element within the Control Center...