Lucene search
K

73 matches found

Snyk
Snyk
added 2025/09/15 7:39 a.m.2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

9.8CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2025/09/15 7:39 a.m.8 views

Embedded Malicious Code

Overview @ctrl/ngx-rightclick is a Context Menu Service for Angular Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API...

9.8CVSS7AI score
Exploits0References2
Kitploit
Kitploit
added 2023/10/13 12:29 p.m.33 views

Pyxamstore - Python Utility For Parsing Xamarin AssemblyStore Blob Files

This is an alpha release of an assemblies.blob AssemblyStore parser written in Python. The tool is capable of unpack and repackaging assemblies.blob and assemblies.manifest Xamarin files from an APK. Installing Run the installer script: python setup.py install You can then use the tool by calling...

7.5AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/07/28 3:45 p.m.6 views

OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

7.5CVSS7AI score0.17673EPSS
Exploits2References4
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/08/20 5:16 a.m.43 views

How to install Frida into an Android application

On a recent job I was testing a rather interesting piece of technology that had several server side checks but they wanted to add some additional security on the client side. Great!! One of these additional checks was to see if Frida was running on the device, this was proving a difficult nut to...

7.1AI score
Exploits0
CNVD
CNVD
added 2021/07/17 12:0 a.m.8 views

Tencent's Self-Selected Stocks Have Logic Flaw Vulnerabilities

Tencent Self-Select is a securities investment mobile Internet application. Tencent Self-Select has a logic flaw vulnerability that can be exploited by an attacker to inject malicious code or modify the software logic to bypass forensics during the repackaging process...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2021/05/11 6:1 p.m.39 views

Fake Chrome App Anchors Rapidly Worming ‘Smish’ Cyberattack

A new Android malware that impersonates the Google Chrome app has spread to hundreds of thousands of people in the last few weeks, according to researchers. The fake app is being used as part of a sophisticated hybrid cyberattack campaign that also uses mobile phishing to steal credentials. Join...

5.7AI score
Exploits0References8
Hewlett-Packard
Hewlett-Packard
added 2020/01/17 12:0 a.m.109 views

HPSBGN03632 rev. 1 - HP SoftPaq Installer Vulnerability

Potential Security Impact Execution of Arbitrary Code, Escalation of Privilege. Source: HP, HP Product Security Response Team PSRT Reported by: Pierre-Alexandre Braeken; Eran Shimony VULNERABILITY SUMMARY A potential security vulnerability has been identified with a version of the HP Softpaq...

7.8CVSS2.5AI score0.00279EPSS
Exploits0
OSV
OSV
added 2019/11/01 11:15 p.m.3 views

ALPINE-CVE-2019-6470

There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All...

7.5CVSS6.9AI score0.08813EPSS
Exploits1References1
ThreatPost
ThreatPost
added 2018/08/22 2:58 p.m.13 views

Triout Malware Carries Out Extensive, Targeted Android Surveillance

A mobile spyware for Android was disclosed today, with extensive, advanced surveillance capabilities that suggest that a sophisticated actor is pulling the strings. Using a recently discovered malware dubbed Triout, bad actors are tapping into the proliferating footprint of Android-based...

7.1AI score
Exploits0References2
Exploit DB
Exploit DB
added 2016/01/18 12:0 a.m.32 views

SeaWell Networks Spectrum - Multiple Vulnerabilities

Exploit Title: SeaWell Networks Spectrum - Multiple Vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: http://www.seawellnetworks.com/spectrum/ Versions Reported: Spectrum SDC 02.05.00, Build 02.05.00.0016 CVE-ID: CVE-2015-8282 CVE-2015-8283 CVE-2015-8284 About SeaWell Networks Spectru...

9.8CVSS7.5AI score0.06848EPSS
Exploits7
Packet Storm
Packet Storm
added 2016/01/18 12:0 a.m.39 views

SeaWell Networks Spectrum SDC 02.05.00 Traversal / Privilege Escalation

Exploit Title: SeaWell Networks Spectrum - Multiple Vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: http://www.seawellnetworks.com/spectrum/ Versions Reported: Spectrum SDC 02.05.00, Build 02.05.00.0016 CVE-ID: CVE-2015-8282 CVE-2015-8283 CVE-2015-8284 About SeaWell Networks Spectru...

0.4AI score0.06848EPSS
Exploits7
Kitploit
Kitploit
added 2014/12/29 2:44 p.m.21 views

RPEF - Abstracts and expedites the process of backdooring stock firmware images for consumer/SOHO routers

Router Post-Exploitation Framework Currently, the framework includes a number of firmware image modules: 'Verified' - This module is confirmed to work and is stable. 'Unverified' - This module is believed to work or should work with little additional effort, but awaits being tested on a physical...

7.4AI score
Exploits0References1
Rows per page
Query Builder