68 matches found
CVE-2020-20136
QuantConnect Lean versions from 2.3.0.0 to 2.4.0.1 are affected by an insecure deserialization vulnerability due to insecure configuration of TypeNameHandling property in Json.NET library...
Malicious code in lean-coffee (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 40091a9e1c992e1036913597e929c36c5b56682d022e7260f42badcc3705df8c The OpenSSF Package Analysis project identified 'lean-coffee' @ 9.0.1 npm as malicious. It is considered malicious because: - The package...
MAL-2024-9003 Malicious code in lean-coffee (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 40091a9e1c992e1036913597e929c36c5b56682d022e7260f42badcc3705df8c The OpenSSF Package Analysis project identified 'lean-coffee' @ 9.0.1 npm as malicious. It is considered malicious because: - The package...
Deep Dive Into 6 Key Steps to Accelerate Your Incident Response
Organizations rely on Incident response to ensure they are immediately aware of security incidents, allowing for quick action to minimize damage. They also aim to avoid follow on attacks or future related incidents. The SANS Institute provides research and education on information security. In th...
The Best Defense Against Cyber Threats for Lean Security Teams
H0lyGh0st, Magecart, and a slew of state-sponsored hacker groups are diversifying their tactics and shifting their focus to… You. That is, if you're in charge of cybersecurity for a small-to-midsize enterprise SME. Why? Bad actors know that SMEs typically have a smaller security budget, less...
Malicious code in scikit-lean (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 1c90858b7d34c77b6f3a49a7c871896ca20ac72c3e300e124da8f03ccc271fe4 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
[SECURITY] Fedora 35 Update: enlightenment-0.25.4-1.fc35
Enlightenment window manager is a lean, fast, modular and very extensible win dow manager for X11 and Linux. It is classed as a "desktop shell" providing the things you need to operate your desktop or laptop, but is not a whole ' application suite. This covered launching applications, managing...
GHSA-WW7R-278H-48MH QuantConnect Lean vulnerable to insecure deserialization
QuantConnect Lean versions from 2.3.0.0 to 2.4.0.1 are affected by an insecure deserialization vulnerability due to insecure configuration of TypeNameHandling property in Json.NET library. One may avoid this issue by only running Lean in an environment where data provided is trusted...
QuantConnect Lean vulnerable to insecure deserialization
QuantConnect Lean versions from 2.3.0.0 to 2.4.0.1 are affected by an insecure deserialization vulnerability due to insecure configuration of TypeNameHandling property in Json.NET library. One may avoid this issue by only running Lean in an environment where data provided is trusted...
GHSA-5G7F-P7JG-V6MV lean-ruport allows local users to obtain sensitive information by listing the process
test/tcdatabase.rb in the lean-ruport gem 0.3.8 for Ruby places the mysql user password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process...
lean-ruport allows local users to obtain sensitive information by listing the process
test/tcdatabase.rb in the lean-ruport gem 0.3.8 for Ruby places the mysql user password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process...
Webinar: How The Right XDR Can Be a Game-Changer for Lean Security Teams
Extended detection and response XDR is expected to be the future of cybersecurity, merging security technologies with the evolving approach to the way we do cybersecurity. And while many organizations are scrambling to integrate XDR into their cybersecurity strategies – even more are still trying...
Guide: Alert Overload and Handling for Lean IT Security Teams
Alarming research reveals the stress and strains the average cybersecurity team experiences on a daily basis. As many as 70% of teams report feeling emotionally overwhelmed by security alerts. Those alerts come at such high volume, high velocity, and high intensity that they become an extreme...
WordPress Lean WP plugin <= 1.4.0 - Arbitrary Plugin Installation from Dependency via Cross-Site Request Forgery (CSRF) vulnerability
Arbitrary Plugin Installation from Dependency via Cross-Site Request Forgery CSRF vulnerability discovered by Jan w Oleju in WordPress Lean WP plugin versions = 1.4.0. Solution Deactivate and delete. This plugin has been closed as of March 31, 2020 and is not available for download. This closure ...
WordPress Lean WP plugin <= 1.4.0 - Arbitrary Plugin Activation vulnerability
Arbitrary Plugin Activation vulnerability discovered by Jan w Oleju in WordPress Lean WP plugin versions = 1.4.0. Solution Deactivate and delete. This plugin has been closed as of March 31, 2020 and is not available for download. This closure is permanent. Reason: Author Request...
lean-app-maker.space Cross Site Scripting vulnerability OBB-2306611
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
[eBook] Guide to Achieving 24x7 Threat Monitoring and Response for Lean IT Security Teams
If there is one thing the past few years have taught the world, it’s that cybercrime never sleeps. For organizations of any size and scope, having around-the-clock protection for their endpoints, networks, and servers is no longer optional, but it’s also not entirely feasible for many. Attackers...
New Hub for Lean IT Security Teams
One of the harsh realities of cybersecurity today is that malicious actors and attackers don’t distinguish between organizations that have seemingly endless resources and those operating with lean IT security teams. For these lean teams, meeting the challenges in the current security landscape...
Why Businesses Need To Go Lean With Cybersecurity
By Waqas As hackers get smarter, cybersecurity becomes a key concern - Let's dig deeper into why businesses need to go lean with cybersecurity. This is a post from HackRead.com Read the original post: Why Businesses Need To Go Lean With Cybersecurity...
CVE-2021-33737
A vulnerability has been identified in SIMATIC CP 343-1 incl. SIPLUS variants All versions, SIMATIC CP 343-1 Advanced incl. SIPLUS variants All versions, SIMATIC CP 343-1 ERPC All versions, SIMATIC CP 343-1 Lean incl. SIPLUS variants All versions, SIMATIC CP 443-1 All versions V3.3, SIMATIC CP...