5335 matches found

NVD
added 2024/05/21 4:15 p.m. · 13 views

CVE-2024-31840

An issue was discovered in Italtel Embrace 1.6.4. The web application inserts cleartext passwords in the HTML source code. An authenticated user is able to edit the configuration of the email server. Once the user accesses the edit function, the web application fills the edit form with the current...

6.5 CVSS · 6.3 AI score · 0.00362 EPSS
Exploits 1 · References 1

CVE
added 2024/05/21 3:32 p.m. · 85 views

CVE-2024-31840

The CVE-2024-31840 entry concerns Italtel Embrace 1.6.4. The vulnerability is that the web application inserts cleartext email account passwords into the HTML source. An authenticated user can access the edit function for the email server configuration, and the edit form is pre-filled with the cu...

6.5 CVSS · 6.5 AI score · 0.00362 EPSS
Exploits 1 · References 1 · Affected Software 1

CVE
added 2024/05/21 2:35 p.m. · 52 views

CVE-2021-47326

This CVE entry is rejected/not used as stated in the Initial Description.

6.8 AI score
Exploits 0

The Hacker News
added 2024/05/20 5:47 a.m. · 15 views

Latrodectus Malware Loader Emerges as IcedID's Successor in Phishing Campaigns

Cybersecurity researchers have observed a spike in email phishing campaigns starting early March 2024 that delivers Latrodectus, a nascent malware loader believed to be the successor to the IcedID malware. "These campaigns typically involve a recognizable infection chain involving oversized...

8.2 AI score
Exploits 0

NVD
added 2024/05/18 10:15 p.m. · 25 views

CVE-2024-36050

Nix through 2.22.1 mishandles certain usage of hash caches, which makes it easier for attackers to replace current source code with attacker-controlled source code by luring a maintainer into accepting a malicious pull request...

4.3 CVSS · 6.7 AI score · 0.00394 EPSS
Exploits 0 · References 4

OSV
added 2024/05/18 10:15 p.m. · 21 views

CVE-2024-36050

Nix through 2.22.1 mishandles certain usage of hash caches, which makes it easier for attackers to replace current source code with attacker-controlled source code by luring a maintainer into accepting a malicious pull request...

4.3 CVSS · 7 AI score
Exploits 0 · References 4

UbuntuCve
added 2024/05/18 10:15 p.m. · 39 views

CVE-2024-36050

Nix through 2.22.1 mishandles certain usage of hash caches, which makes it easier for attackers to replace current source code with attacker-controlled source code by luring a maintainer into accepting a malicious pull request...

4.3 CVSS · 5.9 AI score · 0.00394 EPSS
Exploits 0 · References 3

OSV
added 2024/05/18 10:15 p.m. · 1 view

UBUNTU-CVE-2024-36050

Nix through 2.22.1 mishandles certain usage of hash caches, which makes it easier for attackers to replace current source code with attacker-controlled source code by luring a maintainer into accepting a malicious pull request...

4.3 CVSS · 5.8 AI score · 0.00394 EPSS
Exploits 0 · References 4

Debian CVE
added 2024/05/18 9:24 p.m. · 14 views

CVE-2024-36050

Nix through 2.22.1 mishandles certain usage of hash caches, which makes it easier for attackers to replace current source code with attacker-controlled source code by luring a maintainer into accepting a malicious pull request...

4.3 CVSS · 4.8 AI score · 0.00394 EPSS
Exploits 0

Cvelist
added 2024/05/18 9:24 p.m. · 66 views

CVE-2024-36050

Nix through 2.22.1 mishandles certain usage of hash caches, which makes it easier for attackers to replace current source code with attacker-controlled source code by luring a maintainer into accepting a malicious pull request...

6.6 AI score · 0.00394 EPSS
Exploits 0 · References 4

CVE
added 2024/05/18 9:24 p.m. · 100 views

CVE-2024-36050

CVE-2024-36050 affects Nix up to version 2.22.1, where mishandling of hash caches enables an attacker to substitute attacker-controlled source code by luring a maintainer into accepting a malicious pull request. The available data specify a MEDIUM severity (CVSS 3.1 base score 4.3) with no disclo...

4.3 CVSS · 6.9 AI score · 0.00394 EPSS
Exploits 0 · References 4

Positive Technologies
added 2024/05/18 12:0 a.m. · 5 views

PT-2024-26864 · Nix +1 · Nix +1

Name of the Vulnerable Software and Affected Versions: Nix versions prior to 2.22.1 Description: The issue makes it easier for attackers to replace current source code with attacker-controlled source code by luring a maintainer into accepting a malicious pull request. This is due to the mishandli...

4.3 CVSS · 4.7 AI score · 0.00394 EPSS
Exploits 0 · References 17

NVD
added 2024/05/16 9:15 a.m. · 24 views

CVE-2024-3403

imartinez/privategpt version 0.2.0 is vulnerable to a local file inclusion vulnerability that allows attackers to read arbitrary files from the filesystem. By manipulating file upload functionality to ingest arbitrary local files, attackers can exploit the 'Search in Docs' feature or query the AI...

7.5 CVSS · 7.7 AI score · 0.011 EPSS
Exploits 1 · References 1

CVE
added 2024/05/16 9:3 a.m. · 63 views

CVE-2024-3403

CVE-2024-3403 affects imartinez/privategpt v0.2.0 with a local file inclusion weakness that enables reading arbitrary files via manipulated file upload, exposing files through the app’s “Search in Docs” feature or AI queries. Impact notes in sources include potential remote code execution by expo...

7.5 CVSS · 7.4 AI score · 0.011 EPSS
Exploits 1 · References 1 · Affected Software 1

Vulnrichment
added 2024/05/16 9:3 a.m. · 23 views

CVE-2024-3403 Local File Inclusion in imartinez/privategpt

imartinez/privategpt version 0.2.0 is vulnerable to a local file inclusion vulnerability that allows attackers to read arbitrary files from the filesystem. By manipulating file upload functionality to ingest arbitrary local files, attackers can exploit the 'Search in Docs' feature or query the AI...

7.5 CVSS · 7.5 AI score · 0.011 EPSS
Exploits 1 · References 1

Cvelist
added 2024/05/16 9:3 a.m. · 29 views

CVE-2024-3403 Local File Inclusion in imartinez/privategpt

imartinez/privategpt version 0.2.0 is vulnerable to a local file inclusion vulnerability that allows attackers to read arbitrary files from the filesystem. By manipulating file upload functionality to ingest arbitrary local files, attackers can exploit the 'Search in Docs' feature or query the AI...

7.5 CVSS · 7.9 AI score · 0.011 EPSS
Exploits 1 · References 1

CVE
added 2024/05/14 5:59 p.m. · 45 views

CVE-2024-33485

CASAP Automated Enrollment System, version V1.0, contains a SQL Injection in the login.php component (PHP/MySQLi) that could allow a remote attacker to leak sensitive information. Root cause: improper handling of user input in SQL queries. Mitigation in the connected document: disable the login f...

9.8 CVSS · 7.5 AI score · 0.0071 EPSS
Exploits 0 · References 2

Tenable Nessus
added 2024/05/11 12:0 a.m. · 28 views

RHEL 7 : developer_environment (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Developer environment: Homoglyph characters can lead to trojan source attack CVE-2021-42694 - An issue wa...

8.8 AI score · 0.12205 EPSS
Exploits 5 · References 2

HackRead
added 2024/05/10 10:51 p.m. · 13 views

Europol Hacked? IntelBroker Claims Major Law Enforcement Breach

By Waqas. Notorious hacker IntelBroker claims a major data breach at Europol. Allegedly, sensitive data including employee info, source code, and operational documents were compromised. Europol has yet to confirm the breach. Could this expose ongoing investigations and endanger law enforcement...

7.2 AI score
Exploits 0

HackRead
added 2024/05/09 11:44 a.m. · 31 views

IntelBroker Hacker Leaks Alleged HSBC & Barclays Bank Data

By Waqas. Hackers claim to have breached a third-party contractor of HSBC and Barclays, stealing sensitive data including database files, source code, and more.

7.2 AI score
Exploits 0