
1027 matches found

OSV
added 2022/05/25 12:0 a.m. | 3 views

GHSA-236C-VHJ4-GFXG Duplicate Advisory: Embedded malware in ua-parser-js

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-pjwm-rvh2-c87w. This link is maintained to preserve external references. Original Description: A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the...

8.8 CVSS | 5.4 AI score | 0.01314 EPSS
Exploits 0 | References 4
GitHub Security Blog
added 2022/05/25 12:0 a.m. | 5 views

Duplicate Advisory: Embedded malware in ua-parser-js

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-pjwm-rvh2-c87w. This link is maintained to preserve external references. Original Description: A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the...

8.8 CVSS | 5.3 AI score | 0.01314 EPSS
Exploits 0 | References 5 | Affected Software 1
OSV
added 2022/05/24 4:15 p.m. | 3 views

CVE-2021-4229

A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component which introduces a backdoor. Upgrading to version 0.7.30, 0.8.1 and 1.0.1 is able to address this issue. It is recommended to upgrade the affected component...

8.8 CVSS | 7.1 AI score | 0.01314 EPSS
Exploits 0 | References 3
NVD
added 2022/05/24 4:15 p.m. | 20 views

CVE-2021-4229

A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component which introduces a backdoor. Upgrading to version 0.7.30, 0.8.1 and 1.0.1 is able to address this issue. It is recommended to upgrade the affected component...

8.8 CVSS | 0.01314 EPSS
Exploits 0 | References 3
Prion
added 2022/05/24 4:15 p.m. | 16 views

Design/Logic Flaw

A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component which introduces a backdoor. Upgrading to version 0.7.30, 0.8.1 and 1.0.1 is able to address this issue. It is recommended to upgrade the affected component...

7.6 CVSS | 8.6 AI score | 0.01314 EPSS
Exploits 0 | References 3 | Affected Software 1
UbuntuCve
added 2022/05/24 4:15 p.m. | 47 views

CVE-2021-4229

A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component which introduces a backdoor. Upgrading to version 0.7.30, 0.8.1 and 1.0.1 is able to address this issue. It is recommended to upgrade the affected component...

8.8 CVSS | 7 AI score | 0.01314 EPSS
Exploits 0 | References 4
CVE
added 2022/05/24 3:30 p.m. | 70 views

CVE-2021-4229

CVE-2021-4229 affects ua-parser-js versions 0.7.29, 0.8.0, and 1.0.0, with a reported critical issue involving a crypto mining backdoor in the component. The identified fix is to upgrade to 0.7.30, 0.8.1, or 1.0.1. Connected documents provide this concrete detail about affected versions and remed...

8.8 CVSS | 6.7 AI score | 0.01314 EPSS
Exploits 0 | References 3 | Affected Software 1
Cvelist
added 2022/05/24 3:30 p.m. | 28 views

CVE-2021-4229 ua-parser-js Crypto Mining backdoor

A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component which introduces a backdoor. Upgrading to version 0.7.30, 0.8.1 and 1.0.1 is able to address this issue. It is recommended to upgrade the affected component...

5 CVSS | 8.8 AI score | 0.01314 EPSS
Exploits 0 | References 3
Vulnrichment
added 2022/05/24 3:30 p.m. | 5 views

CVE-2021-4229 ua-parser-js Crypto Mining backdoor

A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component which introduces a backdoor. Upgrading to version 0.7.30, 0.8.1 and 1.0.1 is able to address this issue. It is recommended to upgrade the affected component...

5 CVSS | 8.8 AI score | 0.01314 EPSS
Exploits 0 | References 3
Debian CVE
added 2022/05/24 3:30 p.m. | 21 views

CVE-2021-4229

A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component which introduces a backdoor. Upgrading to version 0.7.30, 0.8.1 and 1.0.1 is able to address this issue. It is recommended to upgrade the affected component...

8.8 CVSS | 8.7 AI score | 0.01314 EPSS
Exploits 0
Malwarebytes
added 2022/05/18 12:55 p.m. | 59 views

Sysrv botnet is out to mine Monero on your Windows and Linux servers

In a Twitter thread, the Microsoft Security Intelligence team have revealed new information about the latest versions of the Sysrv botnet. The variant they focused on uses a range of known exploits for vulnerabilities in web apps and databases to install cryptocurrency miners on both Windows and...

6.8 CVSS | 10 AI score | 0.98253 EPSS
Exploits 54
Malwarebytes
added 2022/05/16 12:28 p.m. | 16 views

How COVID-19 fuelled a surge in malware

2021 saw a massive surge in detections of malware, adware, and Potentially Unwanted Programs (PUPs). It didn't matter what the computers were used for or what operating system they ran—across business and home computers, on Windows and on Mac, detections went up, enormously. Detections of malware on...

0.2 AI score
Exploits 0
CNVD
added 2022/05/16 12:0 a.m. | 15 views

Insurance Management System SQL Injection Vulnerability (CNVD-2022-85117)

Insurance Management System is an insurance management system from the personal developer Angel Jude Reyes Suarez. Insurance Management System 1.0 is vulnerable to SQL injection, which could be exploited by attackers to obtain information about data in the target system...

9.8 CVSS | 3.2 AI score | 0.01068 EPSS
Exploits 1 | References 1
Code423n4
added 2022/05/02 12:0 a.m. | 14 views

Users can use updateBoost function to claim unfairly large rewards from liquidity mining contracts for themselves at cost of other users.

Lines of code | Vulnerability details | Impact: Users aware of this vulnerability could effectively steal a portion of liquidity mining rewards from honest users. Affected contracts are: SupplyMinerV2, DemandMinerV2, PARMinerV2. VotingMinerV2 is less affected because locking veMIMO in votingEscrow...

6.7 AI score
Exploits 0
Code423n4
added 2022/04/29 12:0 a.m. | 9 views

Potential Sandwich Attack: Arbitrage bots can front run reward tokens being sent to the liquidity mining contracts

Lines of code | Vulnerability details | Impact: For the PARMiner and DemandMiner contracts, arbitrage bots could harvest significant portion of rewards by monitoring MEV, and front run any reward token either a.mimo or par being transferred to the liquidityMining contract i.e. call the deposit functio...

6.7 AI score
Exploits 0
The Hacker News
added 2022/04/22 9:30 a.m. | 101 views

Watch Out! Cryptocurrency Miners Targeting Dockers, AWS and Alibaba Cloud

LemonDuck, a cross-platform cryptocurrency mining botnet, is targeting Docker to mine cryptocurrency on Linux systems as part of an active malware campaign. "It runs an anonymous mining operation by the use of proxy pools, which hide the wallet addresses," CrowdStrike said in a new report. "It...

9.8 CVSS | 0.8 AI score | 0.99677 EPSS
Exploits 100
Trend Micro Simply Security
added 2022/04/20 12:0 a.m. | 142 views

Analyzing Attempts to Exploit the Spring4Shell Vulnerability CVE-2022-22965 to Deploy Cryptocurrency Miners

Recently, we observed attempts to exploit the Spring4Shell vulnerability — a remote code execution bug, assigned as CVE-2022-22965 — by malicious actors to deploy cryptocurrency miners...

7.5 CVSS | 4.9 AI score | 0.99677 EPSS
Exploits 100
Trend Micro Simply Security
added 2022/04/20 12:0 a.m. | 176 views

Spring4Shell Vulnerability CVE-2022-22965 Exploited to Deploy Cryptocurrency Miners

Recently, we observed the Spring4Shell vulnerability — a remote code execution bug, assigned as CVE-2022-22965 — being actively exploited by malicious actors to deploy cryptocurrency miners...

7.5 CVSS | 4.7 AI score | 0.99677 EPSS
Exploits 100
The Hacker News
added 2022/04/15 10:24 a.m. | 33 views

Haskers Gang Gives Away ZingoStealer Malware to Other Cybercriminals for Free

A crimeware-related threat actor known as Haskers Gang has released an information-stealing malware called ZingoStealer for free on, allowing other criminal groups to leverage the tool for nefarious purposes. "It features the ability to steal sensitive information from victims and can download...

0.5 AI score
Exploits 0
The Hacker News
added 2022/04/14 10:7 a.m. | 125 views

New EnemyBot DDoS Botnet Borrows Exploit Code from Mirai and Gafgyt

A threat group that pursues crypto mining and distributed denial-of-service (DDoS) attacks has been linked to a new botnet called Enemybot, which has been discovered enslaving routers and Internet of Things (IoT) devices since last month. "This botnet is mainly derived from Gafgyt's source code but h...

10 CVSS | 1.4 AI score | 0.99857 EPSS
Exploits 50