1412 matches found

OSV
added 2024/09/25 1:57 a.m. · 5 views

MAL-2024-8976 Malicious code in uikit-app-promotions-sample (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d19072ff8c8ab1bd3da76aae8b83610fb37811142076666d675f5a7e2fbae6f7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits 0 · References 1
Gentoo Linux
added 2024/08/07 12:0 a.m. · 14 views

json-c: Buffer Overflow

Background json-c is a JSON implementation in C. Description Please review the CVE identifier referenced below for details. Impact A stack-buffer-overflow exists in the auxiliary sample program jsonparse which is located in the function parseit. Workaround There is no known workaround at this tim...

9.8 CVSS · 6.8 AI score · 0.00173 EPSS
Exploits 1
OSV
added 2024/07/30 4:15 a.m. · 2 views

CVE-2024-7216

A vulnerability was found in TOTOLINK LR1200 9.3.1cu.2832. It has been classified as problematic. This affects an unknown part of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. The complexity of an attack is rather high. The exploitability is told to be...

5.3 CVSS · 4.3 AI score · 0.00304 EPSS
Exploits 1 · References 4
CNNVD
added 2024/07/30 12:0 a.m. · 2 views

TOTOLINK LR1200GB Security Vulnerability

The TOTOLINK LR1200 is a wireless router designed for 4G LTE networks. The TOTOLINK LR1200 suffers from a hard-coded password vulnerability that originates from the /etc/shadow.sample page containing a use of hard-coded passwords. No details of the vulnerability are provided at this time...

5.3 CVSS · 7 AI score · 0.00304 EPSS
Exploits 1 · References 5
Zero Day Initiative
added 2024/07/29 12:0 a.m. · 3 views

Microsoft Azure SQL Workshop azuremlsampleexperiments Uncontrolled Search Path Element Vulnerability

This vulnerability allows remote attackers to manipulate sample datasets on affected installations of SQL Workshop for Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of SQL Workshop. When installed from the official...

5.3 CVSS · 7.5 AI score
Exploits 0 · References 1
OSV
added 2024/07/28 10:15 a.m. · 2 views

CVE-2024-7155

A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557B20221024 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. It is possible to launch the attack on the local...

4.7 CVSS · 4.1 AI score · 0.00067 EPSS
Exploits 1 · References 4
CNNVD
added 2024/07/28 12:0 a.m. · 1 views

TOTOLINK A3300R Security Vulnerability

The TOTOLINK A3300R is a wireless router manufactured by China's Gion Electronics TOTOLINK. The TOTOLINK A3300R is vulnerable to a hard-coded password vulnerability that originates from the use of hard-coded passwords in the /etc/shadow.sample file. No details of the vulnerability are provided at...

4.7 CVSS · 6.9 AI score · 0.00067 EPSS
Exploits 1 · References 5
Citrix
added 2024/07/18 12:0 a.m. · 7 views

[NetScaler] Squid may record "error:transaction-end-before-headers" when be the service of LB

In a NetScaler Load Balancing deployment, you may have a Squid proxy server configured as a NetScaler LB Service. And you may observe "error:transaction-end-before-headers" recorded on Squid server. The error appears periodically with several seconds interval. Log sample: Timestamp xxxx...

7.1 AI score
Exploits 0
OSSF Malicious Packages
added 2024/07/03 10:35 a.m. · 4 views

Malicious code in render-sample-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 531acbb1583ee41c2b1d689b07228870c585ff764c2fc902a93854b566181af0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits 0 · References 1
OSV
added 2024/07/03 10:35 a.m. · 4 views

MAL-2024-7097 Malicious code in render-sample-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 531acbb1583ee41c2b1d689b07228870c585ff764c2fc902a93854b566181af0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits 0 · References 1
OSV
added 2024/06/17 8:15 p.m. · 1 views

DEBIAN-CVE-2024-6062

A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this issue is the function swfsvgaddisosample of the file src/filters/loadtext.c of the component MP4Box. The manipulation leads to null pointer dereference. The attack needs to be...

5.5 CVSS · 3.4 AI score · 0.00039 EPSS
Exploits 1 · References 1
Positive Technologies
added 2024/06/17 12:0 a.m. · 2 views

PT-2024-37356 · Gpac +2 · Gpac +2

Name of the Vulnerable Software and Affected Versions: GPAC version 2.5-DEV-rev228-g11067ea92-master Description: A problematic issue was found, affecting the swf svg add iso sample function of the src/filters/load text.c file in the MP4Box component. This issue leads to a null pointer dereferenc...

7.8 CVSS · 3.6 AI score · 0.00088 EPSS
Exploits 3 · References 18
Positive Technologies
added 2024/06/14 12:0 a.m. · 2 views

PT-2024-27697 · Trendnet · Trendnet Tew-814Dap

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-814DAP version 1 FW1.01B01 Description: The issue allows attackers to log in as root due to a hardcoded password vulnerability found in /etc/shadow.sample. This enables unauthorized access to the system. Recommendations: For...

8.8 CVSS · 7 AI score · 0.00133 EPSS
Exploits 1 · References 3
CNNVD
added 2024/06/14 12:0 a.m. · 1 views

TRENDnet TEW-814DAP Security Vulnerability

The TRENDnet TEW-814DAP is a wireless access point from Trendnet, Inc. A security vulnerability exists in the TRENDnet TEW-814DAP v1FW1.01B01 version that stems from a hard-coded password vulnerability in /etc/shadow.sample that allows an attacker to log in as root...

8.8 CVSS · 6.9 AI score · 0.00133 EPSS
Exploits 1 · References 2
The Hacker News
added 2024/06/12 1:42 p.m. · 17 views

Cryptojacking Campaign Targets Misconfigured Kubernetes Clusters

Cybersecurity researchers have warned of an ongoing cryptojacking campaign targeting misconfigured Kubernetes clusters to mine Dero cryptocurrency. Cloud security firm Wiz, which shed light on the activity, said it's an updated variant of a financially motivated operation that was first documente...

7.6 AI score
Exploits 0
GithubExploit
added 2024/06/10 8:19 a.m. · 81 views

Exploit for Cross-site Scripting in Cksource Ckeditor

CKEditor cross-site scripting vulnerability in AJAX sample CVE...

6.1 CVSS · 6.2 AI score · 0.2231 EPSS
Exploits 1
OSV
added 2024/06/03 9:15 p.m. · 0 views

CVE-2024-36782

TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...

9.8 CVSS · 5.8 AI score
Exploits 0 · References 1
Positive Technologies
added 2024/06/03 12:0 a.m. · 2 views

PT-2024-27160 · Totolink · Totolink Cp300+

Name of the Vulnerable Software and Affected Versions: TOTOLINK CP300 version 2.0.4-B20201102 Description: A hardcoded password vulnerability was discovered in /etc/shadow.sample, allowing attackers to log in as root. This issue enables unauthorized access to the system. Recommendations: For...

9.8 CVSS · 6.8 AI score · 0.00373 EPSS
Exploits 0 · References 6
OSV
added 2024/05/24 4:15 p.m. · 2 views

CVE-2024-35395

TOTOLINK CP900L v4.1.5cu.798B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...

8.8 CVSS · 5.8 AI score · 0.00111 EPSS
Exploits 0 · References 2
Positive Technologies
added 2024/05/24 12:0 a.m. · 2 views

PT-2024-26476 · Totolink · Totolink Cp900L

Name of the Vulnerable Software and Affected Versions: TOTOLINK CP900L version 4.1.5cu.798 B20221228 Description: A hardcoded password issue was found in the /etc/shadow.sample file, allowing attackers to log in as root. Recommendations: For TOTOLINK CP900L version 4.1.5cu.798 B20221228, consider...

8.8 CVSS · 7.1 AI score · 0.00111 EPSS
Exploits 0 · References 3