DEBIAN-CVE-2021-32292

An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program jsonparse which is located in the function parseit...

Stack overflow

An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program jsonparse which is located in the function parseit...

CVE-2021-32292

An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program jsonparse which is located in the function parseit...

UBUNTU-CVE-2021-32292

An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program jsonparse which is located in the function parseit...

MAL-2023-141 Malicious code in braze-webpack-sample (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bc71db731ac5e637112dcd53e9aef14f68b79db997c03e693ec04014b9178c76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in braze-webpack-sample (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bc71db731ac5e637112dcd53e9aef14f68b79db997c03e693ec04014b9178c76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in meetingsdk-sample-vuejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb53d02e988a276631d13cbb6486793e2858c3a6f266fb6601d395b5d6fd97d7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-588 Malicious code in meetingsdk-sample-vuejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb53d02e988a276631d13cbb6486793e2858c3a6f266fb6601d395b5d6fd97d7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in meetingsdk-sample-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8b35b4caef11623ed6a19de27a6ca20f776482dc18bfe6fb11b3d852adb69eed Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-587 Malicious code in meetingsdk-sample-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8b35b4caef11623ed6a19de27a6ca20f776482dc18bfe6fb11b3d852adb69eed Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-755 Malicious code in sample-app-typescript (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4a7432b767dd8bf532a686b3a40add828170682af3dcfdcab09c7d7a012a83e1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in sample-app-typescript (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4a7432b767dd8bf532a686b3a40add828170682af3dcfdcab09c7d7a012a83e1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Skuld: The Infostealer that Speaks Golang

Skuld: The Infostealer that Speaks Golang By Ernesto Fernández Provecho · June 13, 2023 In May 2023, the Trellix Advanced Research Center discovered a new Golang stealer, known as Skuld, that compromised systems worldwide, something that security researchers had also noticed. The usage of Golang,...

CVE-2023-32690

Summary: libspdm (DMTF SPDM) prior to versions 2.3.3 and 3.0 stores the responder’s CTExponent after a CAPABILITIES response without validation. If a cryptographic operation is later requested (e.g., CHALLENGE), the requester uses the unvalidated CTExponent to compute a timeout, enabling potentia...

LimeRAT Malware Analysis: Extracting the Config

Remote Access Trojans RATs have taken the third leading position in ANY. RUN's Q1 2023 report on the most prevalent malware types, making it highly probable that your organization may face this threat. Though LimeRAT might not be the most well-known RAT family, its versatility is what sets it...

CVE-2022-43773

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x is installed with a sample HSQLDB data source configured with stored procedures enabled...

Malicious code in ds-ember-sample (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 32eba44302a74869a67c73b03d739a2f3e06ac76700e85bf314ed9bbe4efe7e3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-292 Malicious code in ds-ember-sample (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 32eba44302a74869a67c73b03d739a2f3e06ac76700e85bf314ed9bbe4efe7e3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

PT-2023-16993 · Mp4V2 · Mp4V2

Name of the Vulnerable Software and Affected Versions: MP4v2 version 2.1.2 Description: A vulnerability was found in the function mp4v2::impl::MP4Track::GetSampleFileOffset of the file mp4track.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit h...

K30340506: Intel Multiple CPU vulnerabilities CVE-2020-8738,CVE-2020-8739,CVE-2020-8740,CVE-2020-8764

Security Advisory Description CVE-2020-8738 Improper conditions check in Intel BIOS platform sample code for some IntelR Processors before may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2020-8739 Use of potentially dangerous function in Intel BIOS...