nim-pentest-agent

NimPentestAgent Agent autonome de pentest intelligent pour CT...

EUVD-2021-33525

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2020-23171

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to arbitrary directories via a crafted zip file with dot-slash...

Linux Distros Unpatched Vulnerability : CVE-2021-46872

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI sche...

oauth 安全漏洞

oauth is an oauth library for nim by individual developer Yoshihiro Tanaka. A security vulnerability exists in versions prior to oauth 0.11, which stems from the use of certain compiler flags to compile projects where the state parameter may not be checked, leaving it vulnerable to cross-site...

Coyote: A multi-stage banking Trojan abusing the Squirrel installer

The developers of banking Trojan malware are constantly looking for inventive ways to distribute theirs implants and infect victims. In a recent investigation, we encountered a new malware that specifically targets users of more than 60 banking institutions, mainly from Brazil. What caught our...

SUSE CVE-2020-15690

In Nim before 1.2.6, the standard library asyncftpclient lacks a check for whether a message contains a newline character...

SUSE CVE-2020-23171

A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to arbitrary directories via a crafted zip file with dot-slash characters included in the name of the crafted file...

SUSE CVE-2021-29495

Nim is a statically typed compiled systems programming language. In Nim standard library before 1.4.2, httpClient SSL/TLS certificate verification was disabled by default. Users can upgrade to version 1.4.2 to receive a patch or, as a workaround, set "verifyMode = CVerifyPeer" as documented...

CVE-2021-46872

An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. Nim versions 1.6.2 and later are fixed; there may be backports of the fix to some earli...

DEBIAN-CVE-2021-46872

An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. Nim versions 1.6.2 and later are fixed; there may be backports of the fix to some earli...

UBUNTU-CVE-2021-46872

An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. Nim versions 1.6.2 and later are fixed; there may be backports of the fix to some earli...

CVE-2021-46872

An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. Nim versions 1.6.2 and later are fixed; there may be backports of the fix to some earli...

Chinese Hackers Distributing Nim language Malware in SMS Bomber Tool

By Deeba Ahmed This newly discovered malware campaign is attributed to a Chinese hacking group called Tropic Trooper. Cybersecurity researchers at… This is a post from HackRead.com Read the original post: Chinese Hackers Distributing Nim language Malware in SMS Bomber Tool...

CVE-2021-41259

Nim is a systems programming language with a focus on efficiency, expressiveness, and elegance. In affected versions the uri.parseUri function which may be used to validate URIs accepts null bytes in the input URI. This behavior could be used to bypass URI validation. For example:...

编号撤回

Nim is a statically typed programming language from the Nim community. nim has a code issue vulnerability that can be exploited by attackers to bypass checks and launch SSRF attacks using null bytes...

CVE-2020-23171

A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to arbitrary directories via a crafted zip file with dot-slash characters included in the name of the crafted file...

UBUNTU-CVE-2020-23171

A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to arbitrary directories via a crafted zip file with dot-slash characters included in the name of the crafted file...

Nim 安全漏洞

Nim is a statically typed programming language from the Nim community. A security vulnerability exists in Nim-lang, which allows an unauthenticated attacker to write a file to an arbitrary directory via a carefully crafted zip file whose name contains a dotted slash character...

DEBIAN-CVE-2021-29495

Nim is a statically typed compiled systems programming language. In Nim standard library before 1.4.2, httpClient SSL/TLS certificate verification was disabled by default. Users can upgrade to version 1.4.2 to receive a patch or, as a workaround, set "verifyMode = CVerifyPeer" as documented...