An ICE Firearms Trainer Was Involved in At Least 4 Deadly Shootings

David Norman, a former Phoenix police officer who’s described himself as “a fucking savage,” now runs a company that provided training to Homeland Security’s Special Response Teams...

EUVD-2020-29374

Malware in sbrugna...

EUVD-2008-5510

Malware in sbrugna...

EUVD-2007-1191

Malware in sbrugna...

EUVD-2012-1452

Malware in sbrugna...

EUVD-2012-1446

Malware in sbrugna...

EUVD-2007-3936

Malware in sbrugna...

EUVD-2014-0846

Malware in sbrugna...

EUVD-2007-3937

Malware in sbrugna...

EUVD-2005-3377

Malware in sbrugna...

CVE-2020-8508

nsak64.sys in Norman Malware Cleaner 2.08.08 allows users to call arbitrary kernel functions because the passing of function pointers between user and kernel mode is mishandled...

CVE-2010-5167

Race condition in Norman Security Suite PRO 8.0 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...

CVE-2023-32193 Norman API Cross-site Scripting Vulnerability

A vulnerability has been identified in which unauthenticated cross-site scripting XSS in Norman's public API endpoint can be exploited. This can lead to an attacker exploiting the vulnerability to trigger JavaScript code and execute commands remotely...

GO-2024-2536 Cross-site scripting in public API in github.com/rancher/norman

Cross-site scripting in public API in github.com/rancher/norman...

Cross Site Scripting (XSS)

github.com/rancher/norman is vulnerable to Cross Site Scripting XSS . The vulnerability is due to a lack of URL validation within the ParseRequestURL method. An attacker can execute arbitrary JavaScript by sending a crafted payload to a public API endpoint, resulting in XSS...

SUSE CVE-2023-32193

A vulnerability has been identified in which unauthenticated cross-site scripting XSS in Norman's public API endpoint can be exploited. This can lead to an attacker exploiting the vulnerability to trigger JavaScript code and execute commands remotely...

GHSA-R8F4-HV23-6QP6 Norman API Cross-site Scripting Vulnerability

Impact A vulnerability has been identified in which unauthenticated cross-site scripting XSS in Norman's public API endpoint can be exploited. This can lead to an attacker exploiting the vulnerability to trigger JavaScript code and execute commands remotely. The attack vector was identified as a...

Norman API Cross-site Scripting Vulnerability

Impact A vulnerability has been identified in which unauthenticated cross-site scripting XSS in Norman's public API endpoint can be exploited. This can lead to an attacker exploiting the vulnerability to trigger JavaScript code and execute commands remotely. The attack vector was identified as a...

PT-2024-12301 · Norman · Norman Api

Name of the Vulnerable Software and Affected Versions: Norman API versions prior to the patched versions Description: A vulnerability has been identified in Norman's public API endpoint, allowing unauthenticated cross-site scripting XSS to be exploited. This can lead to an attacker triggering...

norman-liebold.com Improper Access Control vulnerability OBB-3806390

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...