Lucene search
+L

26 matches found

ossf
ossf
added 3 days ago6 views

Malicious code in salesforce-vscode-slds (npm)

The salesforce-vscode-slds package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a...

6.1AI score
Exploits0References3
ossf
ossf
added 3 days ago7 views

Malicious code in chat-adapter-zoom (npm)

The chat-adapter-zoom package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a Zoom...

6.1AI score
Exploits0References3
osv
osv
added 3 days ago3 views

MAL-2026-10234 Malicious code in slds-lsp-client (npm)

The slds-lsp-client package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a Salesforce SLD...

6.1AI score
Exploits0References3
osv
osv
added 3 days ago3 views

MAL-2026-10228 Malicious code in chat-adapter-zoom (npm)

The chat-adapter-zoom package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a Zoom...

6.1AI score
Exploits0References3
ossf
ossf
added 2026/07/06 12:0 a.m.5 views

Malicious code in @logdna-web/styles (npm)

The @logdna-web/styles package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization the @logdna-w...

6.1AI score
Exploits0References3
osv
osv
added 2026/07/06 12:0 a.m.2 views

MAL-2026-10229 Malicious code in enbd-react-error-boundry (npm)

The enbd-react-error-boundry package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization an 'enb...

6.1AI score
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2008-5819

Malware in sbrugna...

5CVSS6.3AI score0.01618EPSS
Exploits2References8
ptsecurity
ptsecurity
added 2024/02/26 12:0 a.m.6 views

PT-2024-15799 · Unknown · Anything-Llm

Name of the Vulnerable Software and Affected Versions: AnythingLLM affected versions not specified Description: If an instance of AnythingLLM is hosted on an internal network and the attacker is granted a permission level of manager or admin, they could link-scrape internally to resolve IPs of...

7.7CVSS6.7AI score0.00974EPSS
Exploits1References7
attackerkb
attackerkb
added 2023/09/20 8:15 p.m.3 views

CVE-2022-3596

An information leak was found in OpenStack's undercloud. This flaw allows unauthenticated, remote attackers to inspect sensitive data after discovering the IP address of the undercloud, possibly leading to compromising private information, including administrator access credentials...

7.5CVSS7.2AI score0.01107EPSS
Exploits0References4
susecve
susecve
added 2023/02/15 4:20 a.m.4 views

SUSE CVE-2018-25022

The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed, which allows a remote attacker to discover a target user's IP address when knowing only their Tox Id by positioning themselves close to target's Tox Id in the DHT for the target to establish an onion...

4.3CVSS4.4AI score0.01505EPSS
Exploits1References3
nvd
nvd
added 2021/12/13 1:15 a.m.18 views

CVE-2018-25022

The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed, which allows a remote attacker to discover a target user's IP address when knowing only their Tox Id by positioning themselves close to target's Tox Id in the DHT for the target to establish an onion...

4.3CVSS0.01505EPSS
Exploits1References3
osv
osv
added 2021/12/13 1:15 a.m.3 views

DEBIAN-CVE-2018-25022

The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed, which allows a remote attacker to discover a target user's IP address when knowing only their Tox Id by positioning themselves close to target's Tox Id in the DHT for the target to establish an onion...

3.1CVSS7AI score0.01505EPSS
Exploits1References1
kitploit
kitploit
added 2019/08/10 10:35 p.m.123 views

Osmedeus v1.5 - Fully Automated Offensive Security Framework For Reconnaissance And Vulnerability Scanning

Osmedeus allows you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target. Installation git clone https://github.com/j3ssie/Osmedeus cd Osmedeus ./install.sh This install only focus on Kali linux, check more install on Wiki page How to use I...

7.5AI score
Exploits0References11
kitploit
kitploit
added 2019/04/02 11:55 a.m.159 views

Osmedeus - Fully Automated Offensive Security Tool For Reconnaissance And Vulnerability Scanning

Osmedeus allow you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target. How to use If you have no idea what are you doing just type the command below or check out the Advance Usage ./osmedeus.py -t example.com Installation git clone...

7.3AI score
Exploits0References3
openvas
openvas
added 2018/02/10 12:0 a.m.28 views

openSUSE: Security Advisory for plasma5-workspace (openSUSE-SU-2018:0397-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.2CVSS5.9AI score0.02127EPSS
Exploits0References2
nessus
nessus
added 2018/02/09 12:0 a.m.37 views

openSUSE Security Update : plasma5-workspace (openSUSE-2018-147)

This update for plasma5-workspace fixes security issues and bugs. The following vulnerabilities were fixed : - CVE-2018-6790: Desktop notifications could have been used to load arbitrary remote images into Plasma, allowing for client IP discovery boo1079429 - CVE-2018-6791: A specially crafted fi...

7.2CVSS6.5AI score0.02127EPSS
Exploits0References5
opensuse
opensuse
added 2018/02/08 12:18 p.m.33 views

Security update for plasma5-workspace (important)

This update for plasma5-workspace fixes security issues and bugs. The following vulnerabilities were fixed: - CVE-2018-6790: Desktop notifications could have been used to load arbitrary remote images into Plasma, allowing for client IP discovery boo1079429 - CVE-2018-6791: A specially crafted fil...

7.1AI score0.02127EPSS
Exploits0References3
osv
osv
added 2018/02/07 2:29 a.m.29 views

CVE-2018-6790

An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element...

5.3CVSS7.1AI score
Exploits0References5
pentestit
pentestit
added 2017/09/10 2:48 a.m.263 views

cFire: IP Discovery for Domains behind Cloudflare

PenTestIT RSS Feed If you remember, I blogged about a CloudFail and HatCloud earlier. Those tools help you find the IP addresses of systems that are protected/behind Cloudflare. This post is about a new tool on the block - cFire, which just does not stop at detecting the systems restricted using...

6.8AI score
Exploits0
kitploit
kitploit
added 2017/03/15 2:12 p.m.46 views

HatCloud - Tool for identify real IP of CloudFlare (Bypass CloudFlare)

HatCloud build in Ruby. It makes bypass in CloudFlare for discover real IP. This can be useful if you need test your server and website. Testing your protection against Ddos Denial of Service or Dos. CloudFlare is services and distributed domain name server services, sitting between the visitor a...

7.3AI score
Exploits0References1
Rows per page
Query Builder