
68 matches found

RedhatCVE
added 2025/05/22 3:17 p.m. | 6 views

CVE-2020-20136

QuantConnect Lean versions from 2.3.0.0 to 2.4.0.1 are affected by an insecure deserialization vulnerability due to insecure configuration of TypeNameHandling property in Json.NET library...

9.8 CVSS | 6.8 AI score | 0.01518 EPSS
Exploits: 1
OSSF Malicious Packages
added 2024/09/27 5:10 p.m. | 3 views

Malicious code in lean-coffee (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 40091a9e1c992e1036913597e929c36c5b56682d022e7260f42badcc3705df8c The OpenSSF Package Analysis project identified 'lean-coffee' @ 9.0.1 npm as malicious. It is considered malicious because: - The package...

7.1 AI score
Exploits: 0
OSV
added 2024/09/27 5:10 p.m. | 2 views

MAL-2024-9003 Malicious code in lean-coffee (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 40091a9e1c992e1036913597e929c36c5b56682d022e7260f42badcc3705df8c The OpenSSF Package Analysis project identified 'lean-coffee' @ 9.0.1 npm as malicious. It is considered malicious because: - The package...

7.3 AI score
Exploits: 0
The Hacker News
added 2023/03/31 11:47 a.m. | 38 views

Deep Dive Into 6 Key Steps to Accelerate Your Incident Response

Organizations rely on incident response to ensure they are immediately aware of security incidents, allowing for quick action to minimize damage. They also aim to avoid follow-on attacks or future related incidents. The SANS Institute provides research and education on information security. In th...

6.6 AI score
Exploits: 0
The Hacker News
added 2023/03/21 11:28 a.m. | 34 views

The Best Defense Against Cyber Threats for Lean Security Teams

H0lyGh0st, Magecart, and a slew of state-sponsored hacker groups are diversifying their tactics and shifting their focus to… You. That is, if you're in charge of cybersecurity for a small-to-midsize enterprise (SME). Why? Bad actors know that SMEs typically have a smaller security budget, less...

6.4 AI score
Exploits: 0
OSSF Malicious Packages
added 2023/02/10 8:15 p.m. | 4 views

Malicious code in scikit-lean (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 1c90858b7d34c77b6f3a49a7c871896ca20ac72c3e300e124da8f03ccc271fe4 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

6.7 AI score
Exploits: 0 | References: 1
Fedora
added 2022/10/03 12:51 a.m. | 36 views

[SECURITY] Fedora 35 Update: enlightenment-0.25.4-1.fc35

Enlightenment window manager is a lean, fast, modular and very extensible window manager for X11 and Linux. It is classed as a "desktop shell" providing the things you need to operate your desktop or laptop, but is not a whole application suite. This covered launching applications, managing...

7.8 CVSS | 7.8 AI score | 0.05486 EPSS
Exploits: 15
OSV
added 2022/05/24 5:36 p.m. | 12 views

GHSA-WW7R-278H-48MH QuantConnect Lean vulnerable to insecure deserialization

QuantConnect Lean versions from 2.3.0.0 to 2.4.0.1 are affected by an insecure deserialization vulnerability due to insecure configuration of TypeNameHandling property in Json.NET library. One may avoid this issue by only running Lean in an environment where data provided is trusted...

9.8 CVSS | 9.5 AI score | 0.01518 EPSS
Exploits: 1 | References: 3
Github Security Blog
added 2022/05/24 5:36 p.m. | 18 views

QuantConnect Lean vulnerable to insecure deserialization

QuantConnect Lean versions from 2.3.0.0 to 2.4.0.1 are affected by an insecure deserialization vulnerability due to insecure configuration of TypeNameHandling property in Json.NET library. One may avoid this issue by only running Lean in an environment where data provided is trusted...

9.8 CVSS | 6.8 AI score | 0.01518 EPSS
Exploits: 1 | References: 3 | Affected Software: 1
OSV
added 2022/05/14 3:47 a.m. | 18 views

GHSA-5G7F-P7JG-V6MV lean-ruport allows local users to obtain sensitive information by listing the process

test/tcdatabase.rb in the lean-ruport gem 0.3.8 for Ruby places the mysql user password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process...

7.8 CVSS | 7.5 AI score | 0.00522 EPSS
Exploits: 1 | References: 4
Github Security Blog
added 2022/05/14 3:47 a.m. | 22 views

lean-ruport allows local users to obtain sensitive information by listing the process

test/tcdatabase.rb in the lean-ruport gem 0.3.8 for Ruby places the mysql user password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process...

7.8 CVSS | 7 AI score | 0.00522 EPSS
Exploits: 1 | References: 5 | Affected Software: 1
The Hacker News
added 2022/04/13 2:35 p.m. | 43 views

Webinar: How The Right XDR Can Be a Game-Changer for Lean Security Teams

Extended detection and response (XDR) is expected to be the future of cybersecurity, merging security technologies with the evolving approach to the way we do cybersecurity. And while many organizations are scrambling to integrate XDR into their cybersecurity strategies – even more are still trying...

7.3 AI score
Exploits: 0
The Hacker News
added 2022/02/09 1:33 p.m. | 13 views

Guide: Alert Overload and Handling for Lean IT Security Teams

Alarming research reveals the stress and strains the average cybersecurity team experiences on a daily basis. As many as 70% of teams report feeling emotionally overwhelmed by security alerts. Those alerts come at such high volume, high velocity, and high intensity that they become an extreme...

Exploits: 0
Patchstack
added 2022/01/24 12:0 a.m. | 10 views

WordPress Lean WP plugin <= 1.4.0 - Arbitrary Plugin Installation from Dependency via Cross-Site Request Forgery (CSRF) vulnerability

Arbitrary Plugin Installation from Dependency via Cross-Site Request Forgery (CSRF) vulnerability discovered by Jan w Oleju in WordPress Lean WP plugin versions <= 1.4.0. Solution: Deactivate and delete. This plugin has been closed as of March 31, 2020 and is not available for download. This closure ...

2.7 AI score
Exploits: 0 | References: 2 | Affected Software: 1
Patchstack
added 2022/01/24 12:0 a.m. | 11 views

WordPress Lean WP plugin <= 1.4.0 - Arbitrary Plugin Activation vulnerability

Arbitrary Plugin Activation vulnerability discovered by Jan w Oleju in WordPress Lean WP plugin versions <= 1.4.0. Solution: Deactivate and delete. This plugin has been closed as of March 31, 2020 and is not available for download. This closure is permanent. Reason: Author Request...

3.6 AI score
Exploits: 0 | References: 2 | Affected Software: 1
Openbugbounty
added 2021/12/18 11:1 p.m. | 20 views

lean-app-maker.space Cross Site Scripting vulnerability OBB-2306611

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits: 0
The Hacker News
added 2021/12/08 10:55 a.m. | 20 views

[eBook] Guide to Achieving 24x7 Threat Monitoring and Response for Lean IT Security Teams

If there is one thing the past few years have taught the world, it’s that cybercrime never sleeps. For organizations of any size and scope, having around-the-clock protection for their endpoints, networks, and servers is no longer optional, but it’s also not entirely feasible for many. Attackers...

7.2 AI score
Exploits: 0
The Hacker News
added 2021/11/30 2:37 p.m. | 12 views

New Hub for Lean IT Security Teams

One of the harsh realities of cybersecurity today is that malicious actors and attackers don’t distinguish between organizations that have seemingly endless resources and those operating with lean IT security teams. For these lean teams, meeting the challenges in the current security landscape...

7.2 AI score
Exploits: 0
HackRead
added 2021/10/12 8:27 p.m. | 20 views

Why Businesses Need To Go Lean With Cybersecurity

By Waqas As hackers get smarter, cybersecurity becomes a key concern - Let's dig deeper into why businesses need to go lean with cybersecurity. This is a post from HackRead.com Read the original post: Why Businesses Need To Go Lean With Cybersecurity...

1.9 AI score
Exploits: 0
NVD
added 2021/09/14 11:15 a.m. | 21 views

CVE-2021-33737

A vulnerability has been identified in SIMATIC CP 343-1 incl. SIPLUS variants All versions, SIMATIC CP 343-1 Advanced incl. SIPLUS variants All versions, SIMATIC CP 343-1 ERPC All versions, SIMATIC CP 343-1 Lean incl. SIPLUS variants All versions, SIMATIC CP 443-1 All versions V3.3, SIMATIC CP...

7.8 CVSS | 0.01022 EPSS
Exploits: 0 | References: 1