18 matches found
EUVD-2025-28255
Malicious code in bioql PyPI...
Malicious code in spiral-connectservice (npm)
The package spiral-connectservice was found to contain malicious code...
Malicious code in spiral-betservices (npm)
The package spiral-betservices was found to contain malicious code...
MAL-2025-33758 Malicious code in spiral-betservices (npm)
The package spiral-betservices was found to contain malicious code...
MAL-2025-33759 Malicious code in spiral-connectservice (npm)
The package spiral-connectservice was found to contain malicious code...
CVE-2025-48755
In the spiral-rs crate 0.2.0 for Rust, allocation can be attempted for a ZST zero-sized type...
CVE-2025-48755
In the spiral-rs crate 0.2.0 for Rust, allocation can be attempted for a ZST zero-sized type...
CVE-2025-48755
In the spiral-rs crate 0.2.0 for Rust, allocation can be attempted for a ZST zero-sized type...
PT-2025-22832
Name of the Vulnerable Software and Affected Versions spiral-rs crate version 0.2.0 Description The issue concerns the spiral-rs crate for Rust, where allocation can be attempted for a ZST zero-sized type. Recommendations For spiral-rs crate version 0.2.0, consider avoiding allocations for...
CVE-2025-48755
CVE-2025-48755 affects the spiral-rs crate (Rust) version 0.2.0, where an allocation can be attempted for a zero-sized type (ZST). The root cause, as described in the provided sources, is an allocation operation involving ZSTs within spiral-rs. The CVSSv3.1 metrics from NVD indicate a critical ba...
CVE-2025-48755
In the spiral-rs crate 0.2.0 for Rust, allocation can be attempted for a ZST zero-sized type...
CVE-2025-48755
In the spiral-rs crate 0.2.0 for Rust, allocation can be attempted for a ZST zero-sized type...
spiral-mind.com Cross Site Scripting vulnerability OBB-2615446
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Chinese Hackers Exploited Latest SolarWinds 0-Day in Targeted Attacks
Microsoft on Tuesday disclosed that the latest string of attacks targeting SolarWinds Serv-U managed file transfer service with a now-patched remote code execution RCE exploit is the handiwork of a Chinese threat actor dubbed "DEV-0322." The revelation comes days after the Texas-based IT monitori...
SolarWinds Hack — New Evidence Suggests Potential Links to Chinese Hackers
A malicious web shell deployed on Windows systems by leveraging a previously undisclosed zero-day in SolarWinds' Orion network monitoring software may have been the work of a possible Chinese threat group. In a report published by Secureworks on Monday, the cybersecurity firm attributed the...
Senator Demands Answers About CloudPets Breach
A U.S. senator has called Spiral Toys onto the carpet for its data security practices in light of the recent CloudPets breach. Sen. Bill Nelson D-FL, a ranking member of the Committee on Commerce, Science and Transportation and backer of a 2016 report on security and privacy concerns related to...
Hypnotic Spiral - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Hypnotic Spiral published at the 'play' market has multiple vulnerabilities...
AST-2009-002: Remote Crash Vulnerability in SIP channel driver
Asterisk Project Security Advisory - AST-2009-002 +------------------------------------------------------------------------+ | Product | Asterisk | |---------------------+--------------------------------------------------| | Summary | Remote Crash Vulnerability in SIP channel driver |...