Lucene search
K

84 matches found

OSV
OSV
added 2024/08/07 12:32 a.m.7 views

MAL-2024-7994 Malicious code in theme-bahrain-nb-hddd2c (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c2c4d9f69a68847d94866c5c7615ea8e879f744fe989442fd0e658480480744e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/08/06 5:39 a.m.4 views

Malicious code in theme-bahrain-nb-hdddc3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e53da1719f478c46169b284e06518c71ee941c34320a1e6ae4ad97fd77a568a5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References1
Rapid7 Blog
Rapid7 Blog
added 2024/07/30 1:0 p.m.15 views

New Research: The Proliferation of Cellular in IoT

Researchers explain the trend and argue for deeper understanding Analysis of Cellular Based Internet of Things IoT Technology is a new whitepaper co-authored by Rapid7 principal security researcher Deral Heiland and Thermo Fisher Scientific lead product security researcher Carlota Bindner. In thi...

7.5AI score
Exploits0
vulnersOsv
vulnersOsv
added 2024/02/09 3:4 p.m.4 views

elf-rss (>=2.5.0 <=2.5.4), gocqapi (>=0.1.3 <=0.1.4) +59 more potentially affected by CVE-2024-21624 via nonebot2 (>=2.0.0a16 <=2.1.3)

nonebot2 PYPI version =2.0.0a16, =2.5.0, =0.1.3, =1.2.0a0, =0.1.0, =0.1.0, =0.1.0, =0.3.4, =0.5.2, =2.0.0, =2.1.0 and more Source cves: CVE-2024-21624 Source advisory: OSV:GHSA-59J8-776V-XXXG...

6.5CVSS6.5AI score0.00492EPSS
Exploits0
Openbugbounty
Openbugbounty
added 2023/11/10 10:17 p.m.8 views

nb-mail.de Improper Access Control vulnerability OBB-3776913

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/10/22 6:2 p.m.7 views

nb-care.com Cross Site Scripting vulnerability OBB-3762968

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/08/16 8:24 a.m.4 views

nb-care.com Cross Site Scripting vulnerability OBB-3586346

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Prion
Prion
added 2023/06/12 2:15 p.m.16 views

Command injection

A remote command injection issues exists in the web server of the Kratos SpectralNet device with SpectralNet Narrowband NB before 1.7.5. As an admin user, an attacker can send a crafted password in order to execute Linux commands as the root user...

5.8CVSS7.5AI score0.01276EPSS
Exploits0References1Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.4 views

SUSE CVE-2022-26126

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to the use of strdup with a non-zero-terminated binary string in isisnbnotifications.c...

8.2CVSS7.3AI score0.01068EPSS
Exploits1References5
vulnersOsv
vulnersOsv
added 2022/01/28 10:4 p.m.7 views

@cao_steven/nb-core (=1.0.0), @dcodegroup-au/dsg-vue (>=0.0.17 <=0.0.18) +85 more potentially affected by CVE-2021-4103 via vditor (>=2.3.1 <=3.3.9)

vditor NPM version =2.3.1, =0.0.17, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =0.0.1, =0.0.2, =0.0.1-beta.15, =0.0.1, =0.0.0, =0.0.24 and more Source cves: CVE-2021-4103 Source advisory: OSV:GHSA-CXM3-V4MV-6MH8...

6.8CVSS6.3AI score0.00664EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.35 views

Mageia: Security Advisory (MGASA-2017-0234)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.03763EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.24 views

Mageia: Security Advisory (MGASA-2017-0259)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.03763EPSS
Exploits6References8
OpenVAS
OpenVAS
added 2021/12/15 12:0 a.m.9 views

SUSE: Security Advisory (SUSE-SU-2021:4063-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Openbugbounty
Openbugbounty
added 2021/11/15 6:31 p.m.9 views

nb-coolbeansafety.com Cross Site Scripting vulnerability OBB-2273766

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
vulnersOsv
vulnersOsv
added 2021/11/10 6:15 p.m.16 views

aadetools (>=0.0.3 <=0.0.5), aegea (>=2.0.0 <=2.2.5) +119 more potentially affected by CVE-2021-3572 via pip (>=10.0.0b2 <=21.0.1)

pip PYPI version =10.0.0b2, =0.0.3, =2.0.0, =0.1.2, =0.0.1, =5.1.0, =0.0.1, =0.0.0, =0.0.2, =0.1.0, =0.0.0, =0.1.0.dev1, =0.0.1, =0.0.1, =0.2.3 and more Source cves: CVE-2021-3572 Source advisory: OSV:PYSEC-2021-437...

5.7CVSS6.7AI score0.01687EPSS
Exploits2
OSV
OSV
added 2021/08/25 8:52 p.m.25 views

GHSA-RM4W-6696-R77P nb-connect invalidly assumes the memory layout of std::net::SocketAddr

The nb-connect crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about...

9.8CVSS9.4AI score0.01448EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2021/08/25 8:52 p.m.28 views

nb-connect invalidly assumes the memory layout of std::net::SocketAddr

The nb-connect crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about...

9.8CVSS8.9AI score0.01448EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2021/02/18 4:15 a.m.35 views

CVE-2021-27376

An issue was discovered in the nb-connect crate before 1.0.3 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures...

9.8CVSS0.01448EPSS
Exploits1References1
OSV
OSV
added 2021/02/18 4:15 a.m.5 views

CVE-2021-27376

An issue was discovered in the nb-connect crate before 1.0.3 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures...

9.8CVSS7.3AI score0.01448EPSS
Exploits1References1
Prion
Prion
added 2021/02/18 4:15 a.m.25 views

Information disclosure

An issue was discovered in the nb-connect crate before 1.0.3 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures...

7.5CVSS9.4AI score0.01448EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder