Lucene search
K

21 matches found

Veracode
Veracode
added 2025/08/13 10:24 a.m.4 views

Malicious File Parsing

@finos/git-proxy is vulnerable to malicious file parsing. The vulnerability is due to improper PACK signature detection in parsePush.ts, which allows an attacker to embed misleading signatures in commit content and craft packet structures to bypass approval or hide commits...

7CVSS7AI score0.0047EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/08/02 8:22 p.m.4 views

CVE-2025-54584

GitProxy is an application that stands between developers and a Git remote endpoint e.g., github.com. In versions 1.19.1 and below, an attacker can craft a malicious Git packfile to exploit the PACK signature detection in the parsePush.ts file. By embedding a misleading PACK signature within comm...

7CVSS6AI score0.0047EPSS
Exploits1References1
NVD
NVD
added 2025/07/30 8:15 p.m.8 views

CVE-2025-54584

GitProxy is an application that stands between developers and a Git remote endpoint e.g., github.com. In versions 1.19.1 and below, an attacker can craft a malicious Git packfile to exploit the PACK signature detection in the parsePush.ts file. By embedding a misleading PACK signature within comm...

7CVSS0.0047EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/07/30 8:1 p.m.6 views

CVE-2025-54584 GitProxy is vulnerable to a packfile parsing exploit

GitProxy is an application that stands between developers and a Git remote endpoint e.g., github.com. In versions 1.19.1 and below, an attacker can craft a malicious Git packfile to exploit the PACK signature detection in the parsePush.ts file. By embedding a misleading PACK signature within comm...

7CVSS6.3AI score0.0047EPSS
Exploits1References4
Kitploit
Kitploit
added 2025/04/21 12:30 p.m.50 views

Bytesrevealer - Online Reverse Enginerring Viewer

Bytes Revealer is a powerful reverse engineering and binary analysis tool designed for security researchers, forensic analysts, and developers. With features like hex view, visual representation, string extraction, entropy calculation, and file signature detection, it helps users uncover hidden...

7.1AI score
Exploits0References3
ICS
ICS
added 2020/06/30 12:0 p.m.19 views

EINSTEIN Data Trends – 30-day Lookback

Summary Cybersecurity and Infrastructure Security Agency CISA analysts have compiled the top detection signatures that have been the most active over the month of May in our national Intrusion Detection System IDS, known as EINSTEIN. This information is meant to give the reader a closer look into...

9.6AI score
Exploits0References37
OSV
OSV
added 2019/07/18 7:15 p.m.10 views

CVE-2019-1010279

Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of Service - TCP/HTTP detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed sequence of network packets. The component is: detect.c...

7.5CVSS6.7AI score
Exploits0References3
Wallarm Lab
Wallarm Lab
added 2019/05/10 5:9 p.m.182 views

Latest Bypassing Techniques Beats SOAP/XML API Protection

Latest Bypassing Techniques Beat SOAP/XML API Protection It is impossible to protect APIs unless you take a deep dive into the protocols implemented over the standard HTTP. Most security tools are not protecting data where it’s most vulnerable, inside the XML schema itself. These encoding attacks...

Exploits0
CNVD
CNVD
added 2018/05/23 12:0 a.m.6 views

VMware Workstation and Fusion Privilege Vulnerability

VMware Fusion is a suite of virtual machine software from VMware, Inc. designed to run Windows applications on Macs. A security vulnerability exists in VMware Fusion versions 10.x prior to 10.1.2. A local attacker could exploit this vulnerability to bypass signature detection and gain elevated...

7.8CVSS6.7AI score0.00415EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2017/12/04 11:41 a.m.14 views

Ursnif Trojan Adopts New Code Injection Technique

Hackers are testing a new variation of the Ursnif Trojan aimed at Australian bank customers that utilizes novel code injection techniques. Since the summer of 2017, IBM X-Force researchers report that Ursnif or Gozi samples have been tested in wild by a new malware developer. The samples are a...

1.3AI score
Exploits0References4
n0where
n0where
added 2016/04/23 11:30 a.m.100 views

Response Operation Collection Kit: ROCK NSM

MOCYBER’s open source Network Security Monitoring platform ROCK is a collections platform, in the spirit of Network Security Monitoring, designed by members of the Missouri National Guard’s Cyber Team. It’s primary focus is to provide a robust, scalable sensor platform for both enduring security...

0.4AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2012/08/25 12:0 a.m.7 views

PT-2012-1390 · Pc Tools · Threatfire

Name of the Vulnerable Software and Affected Versions: ThreatFire version 4.7.0.17 Description: A race condition issue allows local users to bypass kernel-mode hook handlers and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detectio...

6.2CVSS7.1AI score0.00291EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2012/08/25 12:0 a.m.5 views

PT-2012-1381 · Tallemu · Online Armor Premium

Name of the Vulnerable Software and Affected Versions: Online Armor Premium version 4.0.0.35 Description: A race condition in Online Armor Premium on Windows XP allows local users to bypass kernel-mode hook handlers and execute dangerous code that would otherwise be blocked by a handler but not...

7CVSS7.4AI score0.00298EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2012/08/25 12:0 a.m.12 views

PT-2012-1376 · Kingsoft · Kingsoft Personal Firewall 9 Plus

Name of the Vulnerable Software and Affected Versions: KingSoft Personal Firewall 9 Plus version 2009.05.07.70 Description: A race condition in the software allows local users to bypass kernel-mode hook handlers and execute dangerous code that would otherwise be blocked by a handler but not block...

6.2CVSS6.9AI score0.00379EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2011/03/29 12:0 a.m.11 views

Generic Credit Card Signature Detection

Binary data 5851.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/03/29 12:0 a.m.11 views

Generic Credit Card Signature Detection

Binary data 5854.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/03/29 12:0 a.m.6 views

Generic Social Security Signature Detection (deprecated)

Binary data 5858.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/03/29 12:0 a.m.8 views

Generic Credit Card Signature Detection

Binary data 5847.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/03/29 12:0 a.m.14 views

Generic Credit Card Signature Detection

Binary data 5852.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/03/29 12:0 a.m.10 views

Generic Credit Card Signature Detection

Binary data 5848.prm...

7.3AI score
Exploits0
Rows per page
Query Builder