Lucene search
K

46 matches found

CVE
CVE
added 2025/01/25 12:49 a.m.47 views

CVE-2025-24360

CVE-2025-24360 affects the Nuxt framework (Vue.js) prior to v3.15.3, with v3.8.1–v3.15.3 vulnerable due to default CORS settings that allow any origin to send requests to the development server and read responses. Several sources corroborate that, when using the Vite builder with the default serv...

5.3CVSS5.5AI score0.00529EPSS
Exploits0References6
PyPA
PyPA
added 2024/10/10 10:15 p.m.7 views

PYSEC-2024-197

Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a one-level read path traversal in the /customcomponent endpoint. Attackers can exploit this flaw to access and leak source code from custom Gradio components by manipulating the file path in the...

5.3CVSS6.7AI score0.00421EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/10/10 10:15 p.m.8 views

PYSEC-2024-197

Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a one-level read path traversal in the /customcomponent endpoint. Attackers can exploit this flaw to access and leak source code from custom Gradio components by manipulating the file path in the...

5.3CVSS5.2AI score0.00421EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2022/03/07 7:28 p.m.316 views

Samsung Confirms Lapsus$ Ransomware Hit, Source Code Leak

Just days after leaking data it claims to have exfiltrated from chipmaker NVIDIA, ransomware group Lapsus$ is claiming another international company among its victims — this time releasing data purportedly stolen from Samsung Electronics. The consumer electronics giant confirmed in a media...

8.7AI score
Exploits0References12
OSV
OSV
added 2021/06/11 7:15 a.m.3 views

CVE-2021-28805

Inclusion of sensitive information in the source code has been reported to affect certain QNAP switches running QSS. If exploited, this vulnerability allows attackers to read application data. This issue affects: QNAP Systems Inc. QSS versions prior to 1.0.3 build 20210505 on QSW-M2108-2C; versio...

5.5CVSS6.1AI score0.00238EPSS
Exploits0References1
CVE
CVE
added 2021/03/18 7:20 p.m.630 views

CVE-2021-25764

PhpStorm (JetBrains) before 2020.3 is affected: the issue lets source code be written into debug logs (“Source code could be added to debug logs”). The vulnerability affects PhpStorm’s logging path and can lead to information disclosure via logs. The issue is tracked as CVE-2021-25764. Remediatio...

5.3CVSS5.4AI score0.00768EPSS
Exploits0References2Affected Software1
Hacker One
Hacker One
added 2020/06/08 12:9 a.m.162 views

h1-ctf: [H1-2006 2020] CTF Writeup

Summary: The CTF's objective could be found in the following Twitter post: F858468 As outlined on https://hackerone.com/h1-ctf, all subdomains of bountypay.h1ctf.com are in scope. Doing subdomain enumeration revealed the following subdomains: api.bountypay.h1ctf.com app.bountypay.h1ctf.com...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/04/18 12:0 a.m.1 views

Shanghai Chuangzheng Information Technology Co., Ltd. website building system has website source code leakage vulnerability

Shanghai Chuangzheng Information Technology Co., Ltd Chuangzheng was founded in 2005, is a national high-tech enterprise. Shanghai Chuangzheng Information Technology Co., Ltd. website building system has a website source code leakage vulnerability, attackers can use the vulnerability to obtain...

7AI score
Exploits0
OSV
OSV
added 2019/11/12 9:15 p.m.6 views

CVE-2019-14366

WP SlackSync plugin through 1.8.5 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack channels, members, etc...

7.5CVSS7.1AI score0.01677EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2019/04/23 8:20 a.m.1 views

Source Code for CARBANAK Banking Malware Found On VirusTotal

Security researchers have discovered the full source code of theCarbanak malware—yes, this time it's for real. Carbanak—sometimes referred as FIN7, Anunak or Cobalt—is one of the most full-featured, dangerous malware that belongs to an APT-style cybercriminal group involved in several attacks...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2018/08/08 10:33 a.m.1 views

Snapchat Hack — Hacker Leaked Snapchat Source Code On GitHub

The source code of the popular social media app Snapchat was recently surfaced online after a hacker leaked and posted it on the Microsoft-owned code repository GitHub. A GitHub account under the name Khaled Alshehri with the handle i5xx, who claimed to be from Pakistan, created a GitHub reposito...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/02/12 5:0 p.m.15 views

A week in security (February 5 – February 11)

Last week on Malwarebytes Labs, we featured a new Flash Player zero-day that has been found in recent targeted attacks. And we talked about a new trick to cripple browsers that came out of the hat of tech support scammers. We also covered several methods of stealing cryptocurrencies, including on...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2017/07/19 9:56 a.m.15 views

Modified Versions of Nukebot in Wild Since Source Code Leak

Some opportunistic criminals have put the leaked source code for the Nukebot banking Trojan to use, targeting banks in the United States and France with variants of the malware, while another group has adapted it to steal mail client and browser passwords. The leak was disclosed in early March wh...

Exploits0References3
ThreatPost
ThreatPost
added 2016/02/22 1:4 p.m.24 views

GM Bot Banking Malware Source Code Leak

Source code for the potent Android malware GM Bot has been leaked to underground forums, according to IBM security experts. The impact, IBM X-Force threat intelligence says, will be an uptick in GM Bot variants and the number of attacks targeting financial applications on Android-based devices...

0.4AI score
Exploits0References2
myhack58
myhack58
added 2015/04/23 12:0 a.m.26 views

FireEye Trojan analysis engine (MAS) 6.4.1 – multiple vulnerabilities-vulnerability warning-the black bar safety net

FireEye Trojan analysis system MAS web login section there are multiple serious vulnerabilities. Multiples Vulnerabilities 3 XSS reflected 1 CSRF 1 NoSQLi Json object 1 PostGreSQL SQLi Exploitable? 1 File and Path Disclosure 1 Source code Info-leak XSS: The Cross-Station 1...

7.5AI score
Exploits0
myhack58
myhack58
added 2015/04/01 12:0 a.m.86 views

The local file contains(LFI)vulnerability Detection Tool – Kadimus-vulnerability warning-the black bar safety net

Kadimus is for detecting a site local file inclusion(LFI)vulnerability of security tools. Characteristics Detect all URL parameters /var/log/auth. log RCE /proc/self/environ RCE php://input RCE data://text RCE The source code leak detection Multi-thread scanning HTTP command execution vulnerabili...

0.1AI score
Exploits0
ThreatPost
ThreatPost
added 2015/02/13 10:12 a.m.10 views

Rig Exploit Kit Source Code Leaked

A spitting match between developers of the Rig Exploit Kit and one of its resellers resulted in a partial leak of the kit’s source code in a hacker forum. Rig is less than a year old and is spread primarily in malvertising campaigns, pushing Flash, Java and Microsoft Silverlight exploits; some...

7AI score
Exploits0References3
The Hacker News
The Hacker News
added 2014/02/22 12:42 a.m.10 views

Android iBanking Trojan Source Code Leaked Online

Smartphone is the need of everyone today and so the first target of most of the Cyber Criminals. Malware authors are getting to know their market and are changing their way of operations. Since last year we have seen a rise in the number of hackers moving from the Blackhat into the Greyhat. The...

7.6AI score
Exploits0
seebug.org
seebug.org
added 2009/12/16 12:0 a.m.22 views

Tomcat 4.0.10 自带Servlet可导致源码泄漏漏洞

No description provided by source...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2008/02/07 12:0 a.m.22 views

IPSwitch WS_FTP Server Manager / Whats Up unauthorized access

It's possible to access script files with localhostnull account without password. Scripts source code leak...

2AI score
Exploits0References2Affected Software1
Rows per page
Query Builder