Lucene search
+L

266 matches found

snyk
snyk
added 2025/11/24 4:24 p.m.6 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
snyk
snyk
added 2025/11/24 4:24 p.m.3 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
snyk
snyk
added 2025/11/24 4:24 p.m.2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
snyk
snyk
added 2025/11/24 4:24 p.m.4 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
snyk
snyk
added 2025/11/24 4:24 p.m.4 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
snyk
snyk
added 2025/11/24 4:24 p.m.5 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
snyk
snyk
added 2025/11/24 4:24 p.m.4 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
snyk
snyk
added 2025/11/24 4:24 p.m.5 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
attackerkb
attackerkb
added 2025/11/11 5:59 p.m.2 views

CVE-2025-59509

Insertion of sensitive information into sent data in Windows Speech allows an authorized attacker to disclose information locally...

5.5CVSS5.4AI score0.00541EPSS
Exploits0References2Affected Software13
euvd
euvd
added 2025/11/06 6:32 p.m.6 views

EUVD-2025-38127

Insertion of Sensitive Information Into Sent Data vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Retrieve Embedded Sensitive Data.This issue affects Atarim: from n/a through = 4.2...

6.4AI score0.02882EPSS
Exploits2References2
euvd
euvd
added 2025/10/07 12:30 a.m.9 views

EUVD-2019-9547

Malware in sbrugna...

7.5CVSS8.2AI score0.03244EPSS
Exploits0References10
osv
osv
added 2025/09/23 4:36 p.m.10 views

CLSA-2025-1758645375 libwebp: Fix of CVE-2020-36328

CVE-2020-36328: fix a heap-based buffer overflow in WebPDecodeInto functions...

9.8CVSS7.5AI score0.02662EPSS
Exploits0References1
osv
osv
added 2025/09/23 8:15 a.m.19 views

CLSA-2025-1758615308 libwebp: Fix of CVE-2020-36328

CVE-2020-36328: fix a heap-based buffer overflow in WebPDecodeInto functions...

9.8CVSS7.5AI score0.02662EPSS
Exploits0References1
nessus
nessus
added 2025/08/21 12:0 a.m.7 views

TencentOS Server 4: mod_security (TSSA-2025:0553)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0553 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

6.5CVSS8.1AI score0.00346EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2025/08/19 8:52 p.m.7 views

CVE-2025-55031 Passkey phishing within Bluetooth range

Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid passkey transport. An attacker within Bluetooth range could have used this to trick the user into using their passkey to log the attacker's computer into the target account. This vulnerability was fixed...

5.8AI score0.00386EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2025/08/12 12:0 a.m.7 views

PT-2025-32633 · WordPress · Anwp Football Leagues

Name of the Vulnerable Software and Affected Versions: AnWP Football Leagues plugin for WordPress versions up to and including 0.16.17 Description: The AnWP Football Leagues plugin for WordPress is susceptible to CSV injection through the download csv players and download csv games functions...

4.8CVSS7.9AI score0.00295EPSS
Exploits0References10
redhatcve
redhatcve
added 2025/05/23 9:2 a.m.4 views

CVE-2024-38991

akbr patch-into v1.0.1 was discovered to contain a prototype pollution via the function patchInto. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

8.8CVSS6.2AI score0.00822EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 3:13 a.m.5 views

CVE-2023-25094

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS8.1AI score0.0146EPSS
Exploits1References1
osv
osv
added 2025/01/03 1:15 a.m.2 views

CVE-2024-43767

In preparetodrawintomask of SkBlurMaskFilterImpl.cpp, there is a possible heap overflow due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS6.4AI score0.00375EPSS
Exploits0References2
rapid7blog
rapid7blog
added 2024/09/24 1:0 p.m.11 views

Three Recommendations for Creating a Risk-Based Detection and Response Program

It should come as little surprise to most security professionals that keeping pace with the evolution of threat actors has become harder and harder. Maintaining visibility into the threat landscape and on top of external risk vectors is more than a matter of incorporating more point solutions. It...

6.8AI score
Exploits0
Rows per page
Query Builder