65 matches found
EUVD-2024-53469
Malicious code in bioql PyPI...
EUVD-2023-37620
Malicious code in bioql PyPI...
Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign
An abandoned update server associated with input method editor IME software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including C6DOOR and GTELAM, in attacks primarily targeting users across Eastern Asia. "Attackers employed...
CVE-2024-56963
An issue in Beijing Sogou Technology Development Co., Ltd Sogou Input iOS 12.2.0 allows attackers to access sensitive user information via supplying a crafted link...
Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool
A China-aligned advanced persistent threat APT group called TheWizards has been linked to a lateral movement tool called Spellbinder that can facilitate adversary-in-the-middle AitM attacks. "Spellbinder enables adversary-in-the-middle AitM attacks, through IPv6 stateless address autoconfiguratio...
CVE-2024-56963
An issue in Beijing Sogou Technology Development Co., Ltd Sogou Input iOS 12.2.0 allows attackers to access sensitive user information via supplying a crafted link...
CVE-2024-56963
CVE-2024-56963 affects Beijing Sogou Technology Development Co., Ltd Sogou Input for iOS 12.2.0. Affected component appears to be the input application where a crafted link can cause disclosure of sensitive user information. The vulnerability’s impact is described as high confidentiality risk wit...
CVE-2024-56963
An issue in Beijing Sogou Technology Development Co., Ltd Sogou Input iOS 12.2.0 allows attackers to access sensitive user information via supplying a crafted link...
Sogou Input 安全漏洞
Sogou Input is an input method from the Chinese company Sogou Sogou. A security vulnerability exists in Sogou Input iOS version 12.2.0, which originates from an attacker being able to obtain sensitive user information by providing a carefully crafted link...
PT-2025-3364 · Beijing Sogou Technology Development Co. · Sogou Input
Name of the Vulnerable Software and Affected Versions: Beijing Sogou Technology Development Co., Ltd Sogou Input version 12.2.0 Description: An issue in the software allows attackers to access sensitive user information via supplying a crafted link. This is achieved by providing a manipulated lin...
CVE-2024-56963
An issue in Beijing Sogou Technology Development Co., Ltd Sogou Input iOS 12.2.0 allows attackers to access sensitive user information via supplying a crafted link...
SAMSUNG Mobile devices security vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung. A security vulnerability exists in SAMSUNG Mobile devices, which stems from the improper use of an insecure protocol in the SogouSDK for Chinese Samsung...
CVE-2023-33457
In Sogou Workflow v0.10.6, memcpy a negtive size in URIParser::parse , may cause buffer-overflow and crash...
CVE-2023-33457
In Sogou Workflow v0.10.6, memcpy a negtive size in URIParser::parse , may cause buffer-overflow and crash...
CVE-2023-33457
In Sogou Workflow v0.10.6, memcpy a negtive size in URIParser::parse , may cause buffer-overflow and crash...
Buffer overflow
In Sogou Workflow v0.10.6, memcpy a negtive size in URIParser::parse , may cause buffer-overflow and crash...
CVE-2023-33457
In Sogou Workflow v0.10.6, memcpy a negtive size in URIParser::parse , may cause buffer-overflow and crash...
CVE-2023-33457
In Sogou Workflow v0.10.6, CVE-2023-33457 arises from memcpy being called with a negative size in URIParser::parse, leading to a buffer overflow and crash. Affected product: Sogou Workflow (v0.10.6). Impact is high (CVE CVSS 3.1: 8.8) with potential for memory corruption due to improper size hand...
PT-2023-24347 · Sogou · Sogou Workflow
Name of the Vulnerable Software and Affected Versions: Sogou Workflow version 0.10.6 Description: The issue is related to a buffer-overflow that may cause a crash. This occurs when a negative size is used in the memcpy function within the URIParser::parse function. Recommendations: For Sogou...
Sogou Workflow 安全漏洞
Sogou Workflow is a C++ parallel computing and asynchronous networking engine from China's Sogou Sogou. A security vulnerability exists in Sogou Workflow version v0.10.6, which stems from a negative memcpy in URIParser::parse, which could lead to a buffer overflow...