Malicious code in ether-bn.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cc5567869e3d616af151887f680ef13bf23f8a19fe5978343254b921c1c7c73 Package name 'ether-bn.js' resembles the widely-used 'bn.js' big-number library, and the README directs users to install yet another name...

EUVD-2014-1483

Malware in sbrugna...

A Rusty Link in the AI Supply Chain: Detecting Evil Configurations in Model Repositories

Recent advancements in large language models LLMs have spurred the development of diverse AI applications from code generation and video editing to text generation; however, AI supply chains such as Hugging Face, which host pretrained models and their associated configuration files contributed by...

Embedded Malicious Code in ctx

The ctx hosted project on PyPI was taken over via user account compromise and replaced with a malicious project which contained runtime code which collected the content of os.environ.items when instantiating Ctx objects...

CVE-2020-25182 Rockwell Automation ISaGRAF5 Runtime Uncontrolled Search Path Element

Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x searches for and loads DLLs as dynamic libraries. Uncontrolled loading of dynamic libraries could allow a local, unauthenticated attacker to execute arbitrary code. This vulnerability only affects ISaGRAF Runtime when running on Microsoft...

DEBIAN-CVE-2021-39535

An issue was discovered in libxsmm through v1.16.1-93. A NULL pointer dereference exists in JIT code. It allows an attacker to cause Denial of Service...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVE-2021-28327 Remote Procedure Call Runtime Remote Code Execution Vulnerability

...

Remote Procedure Call Runtime Remote Code Execution Vulnerability

...

Microsoft Windows Remote Procedure Call Runtime 代码注入漏洞

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, an operating system for personal devices, and Microsoft Windows Server, a server operating system. A remote code execution vulnerability exists in the "Remote Procedure Call Runtime" in Microsoft Windows an...

SpookFlare - Meterpreter Loader Generator With Multiple Features For Bypassing Client-Side And Network-Side Countermeasures

SpookFlare has a different perspective to bypass security measures and it gives you the opportunity to bypass the endpoint countermeasures at the client-side detection and network-side detection. SpookFlare is a loader generator for Meterpreter Reverse HTTP and HTTPS stages. SpookFlare has custom...

Dynamic Instrumentation Tool Platform: DynamoRIO

Dynamic Instrumentation Tool Platform DynamoRIO is a runtime code manipulation system that supports code transformations on any part of a program, while it executes. DynamoRIO exports an interface for building dynamic tools for a wide variety of uses: program analysis and understanding, profiling...