18 matches found
CVE-2022-42042
The d8s-networking package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hashes package. The affected version is 0.1.0...
EUVD-2022-0395
Malicious code in bioql PyPI...
CVE-2022-40431
The d8s-pdfs for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...
golang: net: malformed DNS message can cause infinite loop
A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service DoS conditions...
PYSEC-2022-43028
The d8s-networking package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hashes package. The affected version is 0.1.0...
Arbitrary Code Execution
d8sipaddresses is vulnerable to arbitrary code execution. The vulnerability exists because the democritus-networking package of a specific version of d8s-archives acts as a potential code execution backdoor which allows an attacker to inject and execute malicious codes in to the system...
CVE-2022-40426
CVE-2022-40426 concerns the PyPI package d8s-asns (the democritus-networking backdoor) in version 0.1.0. The backdoor inserted by a third party enables potential code execution and is described as a backdoor in the affected Python deployment. The connected records consistently describe a code-exe...
CVE-2022-40425
The CVE-2022-40425 entry refers to the PyPI package d8s-html (Python) where version 0.1.0 bundles a backdoor via the third‑party democritus-networking package. The vulnerability is described as potential remote code execution with a high impact across confidentiality, integrity, and availability ...
CVE-2022-40429
The d8s-ip-addresses for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...
CVE-2022-40424
The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-networking package. The affected version of d8s-urls is 0.1.0...
PT-2022-37375 · Unknown +1 · Democritus-Networking +1
Name of the Vulnerable Software and Affected Versions: d8s-asns version 0.1.0 Description: The d8s-asns package for Python contains a potential code-execution backdoor. This backdoor is attributed to the democritus-networking package, which was inserted by a third party. Recommendations: For...
PT-2022-25377 · Unknown +1 · Democritus-Networking +1
Name of the Vulnerable Software and Affected Versions: d8s-mpeg version 0.1.0 Description: The d8s-mpeg for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. Recommendations: For version 0.1.0...
The vulnerability of the Samba networking communication package, related to an unvalidated error state, allows a intruder to trigger a service failure.
The vulnerability of the Samba networking communication package is related to an unvalidated error condition. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
Mageia: Security Advisory (MGASA-2020-0314)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for glib-networking (EulerOS-SA-2020-2466)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
The vulnerability of the Samba networking communication package lies in its susceptibility to resource exhaustion by the system, allowing attackers to trigger a service failure.
The vulnerability of the Samba networking communication package is related to the exhaustion of system resources. Exploiting this vulnerability can allow a hacker to cause service failures by initiating multiple connections...
PT-2017-10803 · Go +3 · Net/Http Package +3
Name of the Vulnerable Software and Affected Versions: net/http package affected versions not specified Description: The issue arises when the net/http package's Request.ParseMultipartForm method handles large multipart requests, potentially leading to a denial-of-service situation. An attacker c...
Ubuntu: Security Advisory (USN-2913-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...