Lucene search
K

68 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/25 1:57 a.m.8 views

Malicious code in design-system-components-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa76659f890e0326b1b129f7cf3c39dd4b242fa297217ef6b98e4b34fa602ba2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/07/22 12:0 a.m.6 views

The vulnerability of the microprogrammed software of TP-Link Wi-Fi routers such as Archer AX3000, Archer AXE75, Archer AX5400, Archer Air R5, and Archer AXE5400 exists due to the failure to address the issue of eliminating specific components used in the operating system. This vulnerability allows a perpetrator to execute arbitrary commands.

The vulnerability of TP-Link Wi-Fi routers such as Archer AX3000, Archer AXE75, Archer AX5400, Archer Air R5, and Archer AXE5400 exists due to the lack of measures taken to neutralize specific components used in the operating system. Exploiting this vulnerability allows a remote attacker to execu...

7.7CVSS7.1AI score0.00362EPSS
Exploits0References8
The Hacker News
The Hacker News
added 2024/05/06 10:3 a.m.25 views

Xiaomi Android Devices Hit by Multiple Flaws Across Apps and System Components

Multiple security vulnerabilities have been disclosed in various applications and system components within Xiaomi devices running Android. "The vulnerabilities in Xiaomi led to access to arbitrary activities, receivers and services with system privileges, theft of arbitrary files with system...

8.1AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/11/11 12:0 a.m.6 views

The vulnerability of the notification mechanism of the operating system “Avrora”, which allows a perpetrator to increase their privileges

The vulnerability of the “Avora” operating system’s notification mechanism is related to deficiencies in permission control for applications that send notifications. Exploiting this vulnerability allows attackers to execute privileged requests to system components, which can lead to violations of...

6.1CVSS5.6AI score
Exploits0References1Affected Software1
CNVD
CNVD
added 2023/11/01 12:0 a.m.18 views

Google Android Information Disclosure Vulnerability (CNVD-2024-01375)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that is caused by out-of-bounds reads in system components. An attacker can exploit this vulnerability to obtain sensitive information...

5.5CVSS6.3AI score0.00085EPSS
Exploits0References1
CNVD
CNVD
added 2023/11/01 12:0 a.m.17 views

Google Android Information Disclosure Vulnerability (CNVD-2024-01369)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that is caused by out-of-bounds reads in system components. An attacker can exploit this vulnerability to obtain sensitive information...

4.4CVSS6.3AI score0.00086EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/10/30 12:0 a.m.3 views

Google Android 资源管理错误漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability, which is caused due to free usage in system components. An attacker can exploit this vulnerability to obtain sensitive information...

6.5CVSS6.1AI score0.00182EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/10/30 12:0 a.m.4 views

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that is caused due to out-of-bounds reads in system components. An attacker can exploit this vulnerability to obtain sensitive information...

4.4CVSS6AI score0.00085EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/10/30 12:0 a.m.3 views

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that is caused by out-of-bounds reads in system components. An attacker can exploit this vulnerability to obtain sensitive information...

5.5CVSS6AI score0.00085EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/10/30 12:0 a.m.8 views

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that is caused by out-of-bounds reads in system components. An attacker can exploit this vulnerability to obtain sensitive information...

4.4CVSS6AI score0.00086EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/10/30 12:0 a.m.3 views

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that is caused due to out-of-bounds reads in system components. An attacker can exploit this vulnerability to obtain sensitive information...

7.5CVSS6AI score0.00372EPSS
Exploits0References3
Prion
Prion
added 2023/10/26 3:15 p.m.18 views

Directory traversal

The Learning Module in ILIAS 7.25 2023-09-12 release allows an attacker with basic user privileges to achieve a high-impact Directory Traversal attack on confidentiality and availability. By exploiting this network-based vulnerability, the attacker can move specified directories, normally outside...

5.5CVSS6.4AI score0.01116EPSS
Exploits2References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/03 12:0 a.m.7 views

The vulnerability of the microprogrammed software of TP-Link Archer AX50, Archer A10, Archer AX10, and Archer AX11000 Wi-Fi routers exists due to the lack of measures taken to neutralize special elements used in the operating system. This vulnerability allows a hacker to execute arbitrary commands in the operating system.

The vulnerability of TP-Link Archer AX50, Archer A10, Archer AX10, and Archer AX11000 Wi-Fi routers exists due to the lack of measures taken to neutralize specific components used in the operating system. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands in the...

8CVSS7.9AI score0.00418EPSS
Exploits0References6Affected Software4
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/09/17 4:53 p.m.2 views

Malicious code in @healthbridge-design-system/components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 67a89e843273447a99a5bf30226772af73acc28ebaa30abad7579f363b87e848 The OpenSSF Package Analysis project identified '@healthbridge-design-system/components' @ 1.0.0 npm as malicious. It is considered malicious...

6.9AI score
Exploits0
OSV
OSV
added 2023/04/12 5:15 p.m.5 views

CVE-2023-0004

A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges. These files can include logs and system components that impact the integrity and availability of PAN-OS software...

6.5CVSS5.8AI score0.01125EPSS
Exploits0References7
NVD
NVD
added 2023/04/12 5:15 p.m.28 views

CVE-2023-0004

A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges. These files can include logs and system components that impact the integrity and availability of PAN-OS software...

6.5CVSS6.3AI score0.01125EPSS
Exploits0References7
OSV
OSV
added 2023/03/16 4:4 p.m.25 views

GHSA-CP96-JPMQ-XRR2 On a compromised node, the virt-handler service account can be used to modify all node specs

Impact If a malicious user has taken over a Kubernetes node where virt-handler the KubeVirt node-daemon is running, the virt-handler service account can be used to modify all node specs. This can be misused to lure-in system-level-privileged components which can for instance read all secrets on t...

8.2CVSS7.9AI score0.00611EPSS
Exploits0References4
0day.today
0day.today
added 2022/11/21 12:0 a.m.286 views

ClicShopping 3.402 Cross Site Scripting Vulnerability

Title: ClicShoppingV3-Version3.402 XSS-Reflected Author: nu11secur1ty Vendor: https://www.clicshopping.org/forum/ Software: https://github.com/ClicShopping/ClicShoppingV3/releases/tag/version3402 Reference:...

7.4AI score
Exploits0
OSV
OSV
added 2022/06/13 4:15 p.m.3 views

CVE-2022-31752

Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality...

5.5CVSS5.8AI score0.00146EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/13 4:15 p.m.2 views

CVE-2022-31752

Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality...

5.5CVSS5.3AI score0.00146EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder