117 matches found
Cybozu KUNAI for Android vulnerable to denial-of-service (DoS)
Overview Cybozu KUNAI for Android is a client application for using Cybozu products from an Android device. Cybozu KUNAI for Android contains an issue allowing to send massive requests to the connected Cybozu product if a user performs certain operations on KUNAI, which may result in repeated...
Logic flaw vulnerability in vastbase of Beijing Massive Data Technology Co.
vastbase is a massive database. A logic flaw vulnerability exists in vastbase, which can be exploited by an attacker to bypass all dynamic desensitization policies by constructing special SQL statements to view the original data before desensitization...
Friday Squid Blogging: Giant Squid Nebula
Pretty: A mysterious squid-like cosmic cloud, this nebula is very faint, but also very large in planet Earths sky. In the image, composed with 30 hours of narrowband image data, it spans nearly three full moons toward the royal constellation Cepheus. Discovered in 2011 by French astro-imager...
Outdated Internet Protocol Vulnerable to Massive DoS
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Critical SLP vulnerability affects 54k devices, including VMware, posing a risk of massive DoS attacks costing businesses up to $120k. To receive real-time threat advisories, please follow HiveFor...
Malicious code in esqmasksplitpush (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 371a75bbb9117312cbc2dfb41f4c02a5e1378b7ca3d109a59401cc2d79619da0 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in libpostmcstudy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 8c84b94703d515d422e08157646511e76f3f4565a6530eec880bc3a624c3b92f EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in py-pingvisarandom (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 694f98b4ad971c612139ea2beb3d2dc2f599e3de13071f75fa6c1d9b135534be EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in selfpostpywver (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx ce1f9f0e07d9bb3d97d7249c7b3c5df7ec801b084a912e987ec89feba18f0f97 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in esqcraftvirtual (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx ffbffdc6af89222531106a220dd85678e58dfac6a9d6a394e29cc1fc3b016088 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in selfgrandlgtbad (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx ca7efbedb24ea03bd007e39a8be34f859ade3eb8340f87e064e7482f8c256a32 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in selfstrpyw (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 23186f64b90d4794a98edff00ca9b05c9413f9906b7bf2d32eaa80f494646489 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in ultrasuper (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 0647459cea3f381ddd70b04b76b93a6e215aea8ffccaa29c3fad2c7e0515202b EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in python-biannce (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx d8240e2672f5130ce25db78c03e0b75bb8908b101ab4b40844ab155cdc7a122f Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in bbitcoinlib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx d4ae626d55de07d317671da449112e6758ad9550639e86a53a4349d44da0aad2 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Apache InLong Information Disclosure Vulnerability
Apache InLong is the United States Apache Apache Foundation's one-stop massive data integration framework. An information disclosure vulnerability exists in Apache InLong. An attacker can exploit this vulnerability to read arbitrary files on the system...
Warning: New Massive Malicious Campaigns Targeting Top Indian Banks' Customers
Cybersecurity researchers are warning of "massive phishing campaigns" that distribute five different malware targeting banking users in India. "The bank customers targeted include account subscribers of seven banks, including some of the most well-known banks located in the country and potentiall...
UBUNTU-CVE-2022-42316
Xenstore: guests can let run xenstored out of memory This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service...
CVE-2021-46681
A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via module massive operation name field...
PT-2022-12901 · Unknown · Pandora Fms
Name of the Vulnerable Software and Affected Versions: Pandora FMS versions 756 and below Description: A XSS issue exists that allows an attacker to perform javascript code executions via the module massive operation name field. This enables the execution of malicious scripts. Recommendations: Fo...
Artica Pandora FMS 跨站脚本漏洞
Artica Pandora FMS is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. A security vulnerability exists in Artica Pandora FMS version 756 and earlier versions. An attacker can exploit this...