Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-13043

Malware in sbrugna...

7.5CVSS7.5AI score0.00906EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in @zalastax/nolb-_p0 (npm)

The package @zalastax/nolb-p0 was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in @zalastax/nolb-p0 (npm)

The package @zalastax/nolb-p0 was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-12876 Malicious code in @zalastax/nolb-p0 (npm)

The package @zalastax/nolb-p0 was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 8:43 a.m.9 views

CVE-2019-3404

By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C...

7.5CVSS6.9AI score0.00906EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2023/08/23 11:44 a.m.38 views

Agile Approach to Mass Cloud Credential Harvesting and Crypto Mining Sprints Ahead

Developers are not the only people who have adopted the agile methodology for their development processes. From 2023-06-15 to 2023-07-11, Permiso Security's p0 Labs team identified and tracked an attacker developing and deploying eight 8 incremental iterations of their credential harvesting malwa...

7.8AI score
Exploits0
NVD
NVD
added 2021/06/02 2:15 p.m.26 views

CVE-2020-35514

An insecure modification flaw in the /etc/kubernetes/kubeconfig file was found in OpenShift. This flaw allows an attacker with access to a running container which mounts /etc/kubernetes or has local access to the node, to copy this kubeconfig file and attempt to add their own node to the OpenShif...

7CVSS0.00218EPSS
Exploits0References1
Huntr
Huntr
added 2021/03/26 11:52 a.m.15 views

Cross-site Scripting (XSS) - Generic in bigprof-software/online-invoicing-system

✍️ Description A cross-site scripting XSS allows remote attackers to inject JavaScript via the "p0-start" Parameter 🕵️‍♂️ Proof of Concept You can find installation instructions here: https://bigprof.com/appgini/applications/online-invoicing-system Vulnerable Parameter: p0-start p1-start & p2-start...

2AI score
Exploits0
GoogleProjectZero
GoogleProjectZero
added 2020/06/17 12:0 a.m.40 views

FF Sandbox Escape (CVE-2020-12388)

By James Forshaw, Project Zero In my previous blog post I discussed an issue with the Windows Kernel’s handling of Restricted Tokens which allowed me to escape the Chrome GPU sandbox. Originally I’d planned to use Firefox for the proof-of-concept as Firefox uses the same effective sandbox level a...

10CVSS9.3AI score0.02714EPSS
Exploits0
CNVD
CNVD
added 2020/03/18 12:0 a.m.4 views

360 P0 and F5C Licensing Issues Vulnerabilities

The Qihoo 360 P0 and 360 F5C are both wireless routers from the Chinese company Qihoo Technologies. An authorization issue vulnerability exists in the interfaces of the 360 P0 and F5C, which can be exploited by an attacker to obtain some of the user's information, cause the user to be unable to u...

7.5CVSS6.8AI score0.00906EPSS
Exploits0References1
NVD
NVD
added 2020/03/04 2:15 p.m.20 views

CVE-2019-3404

By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C...

7.5CVSS7.5AI score0.00906EPSS
Exploits0References1
Prion
Prion
added 2020/03/04 2:15 p.m.25 views

Design/Logic Flaw

By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C...

5CVSS7.5AI score0.00906EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2020/03/04 1:1 p.m.67 views

CVE-2019-3404

The CVE-2019-3404 issue affects 360 router P0 and F5C, where adding special fields to the URI of a router app function can allow a user to abuse background CGI functions without authentication. Root cause is a URI-level manipulation vulnerability in the router’s app function; impact is unauthoriz...

7.5CVSS7.4AI score0.00906EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/03/25 12:0 a.m.9 views

SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2019:0712-1)

This update for ucode-intel fixes the following issues : Updated to the 20190312 bundle release bsc1129231 New Platforms : AML-Y22 H0 6-8e-9/10 0000009e Core Gen8 Mobile WHL-U W0 6-8e-b/d0 000000a4 Core Gen8 Mobile WHL-U V0 6-8e-d/94 000000b2 Core Gen8 Mobile CFL-S P0 6-9e-c/22 000000a2 Core Gen9...

5.5AI score
Exploits0References2
0day.today
0day.today
added 2018/10/22 12:0 a.m.40 views

Apple iOS / macOS - Sandbox Escape due to mach Message sent from Shared Memory Exploit

Exploit for multiple platform in category dos / poc Apple iOS/macOS - Sandbox Escape due to mach Message sent from Shared Memory iohideventsystem sets up a shared memory event queue; at the end of this shared memory buffer it puts a mach message which it sends whenever it wants to notify a client...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2017/08/26 12:0 a.m.12 views

Apple iOS 10.3.1 - Kernel

Apple iOS 10.3.1 - Kernel Sources: https://github.com/doadam/ziVA https://blog.zimperium.com/ziva-video-audio-ios-kernel-exploit/ ziVA An iOS kernel exploit designated to work on all 64-bit iOS devices = 10.3.1 More general information...

7.1AI score
Exploits0
Rows per page
Query Builder