68 matches found
Malicious code in design-system-components-angular (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa76659f890e0326b1b129f7cf3c39dd4b242fa297217ef6b98e4b34fa602ba2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
The vulnerability of the microprogrammed software of TP-Link Wi-Fi routers such as Archer AX3000, Archer AXE75, Archer AX5400, Archer Air R5, and Archer AXE5400 exists due to the failure to address the issue of eliminating specific components used in the operating system. This vulnerability allows a perpetrator to execute arbitrary commands.
The vulnerability of TP-Link Wi-Fi routers such as Archer AX3000, Archer AXE75, Archer AX5400, Archer Air R5, and Archer AXE5400 exists due to the lack of measures taken to neutralize specific components used in the operating system. Exploiting this vulnerability allows a remote attacker to execu...
Xiaomi Android Devices Hit by Multiple Flaws Across Apps and System Components
Multiple security vulnerabilities have been disclosed in various applications and system components within Xiaomi devices running Android. "The vulnerabilities in Xiaomi led to access to arbitrary activities, receivers and services with system privileges, theft of arbitrary files with system...
The vulnerability of the notification mechanism of the operating system “Avrora”, which allows a perpetrator to increase their privileges
The vulnerability of the “Avora” operating system’s notification mechanism is related to deficiencies in permission control for applications that send notifications. Exploiting this vulnerability allows attackers to execute privileged requests to system components, which can lead to violations of...
Google Android Information Disclosure Vulnerability (CNVD-2024-01375)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that is caused by out-of-bounds reads in system components. An attacker can exploit this vulnerability to obtain sensitive information...
Google Android Information Disclosure Vulnerability (CNVD-2024-01369)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that is caused by out-of-bounds reads in system components. An attacker can exploit this vulnerability to obtain sensitive information...
Google Android 资源管理错误漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability, which is caused due to free usage in system components. An attacker can exploit this vulnerability to obtain sensitive information...
Google Android 缓冲区错误漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that is caused due to out-of-bounds reads in system components. An attacker can exploit this vulnerability to obtain sensitive information...
Google Android 缓冲区错误漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that is caused by out-of-bounds reads in system components. An attacker can exploit this vulnerability to obtain sensitive information...
Google Android 缓冲区错误漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that is caused by out-of-bounds reads in system components. An attacker can exploit this vulnerability to obtain sensitive information...
Google Android 缓冲区错误漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that is caused due to out-of-bounds reads in system components. An attacker can exploit this vulnerability to obtain sensitive information...
Directory traversal
The Learning Module in ILIAS 7.25 2023-09-12 release allows an attacker with basic user privileges to achieve a high-impact Directory Traversal attack on confidentiality and availability. By exploiting this network-based vulnerability, the attacker can move specified directories, normally outside...
The vulnerability of the microprogrammed software of TP-Link Archer AX50, Archer A10, Archer AX10, and Archer AX11000 Wi-Fi routers exists due to the lack of measures taken to neutralize special elements used in the operating system. This vulnerability allows a hacker to execute arbitrary commands in the operating system.
The vulnerability of TP-Link Archer AX50, Archer A10, Archer AX10, and Archer AX11000 Wi-Fi routers exists due to the lack of measures taken to neutralize specific components used in the operating system. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands in the...
Malicious code in @healthbridge-design-system/components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 67a89e843273447a99a5bf30226772af73acc28ebaa30abad7579f363b87e848 The OpenSSF Package Analysis project identified '@healthbridge-design-system/components' @ 1.0.0 npm as malicious. It is considered malicious...
CVE-2023-0004
A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges. These files can include logs and system components that impact the integrity and availability of PAN-OS software...
CVE-2023-0004
A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges. These files can include logs and system components that impact the integrity and availability of PAN-OS software...
GHSA-CP96-JPMQ-XRR2 On a compromised node, the virt-handler service account can be used to modify all node specs
Impact If a malicious user has taken over a Kubernetes node where virt-handler the KubeVirt node-daemon is running, the virt-handler service account can be used to modify all node specs. This can be misused to lure-in system-level-privileged components which can for instance read all secrets on t...
ClicShopping 3.402 Cross Site Scripting Vulnerability
Title: ClicShoppingV3-Version3.402 XSS-Reflected Author: nu11secur1ty Vendor: https://www.clicshopping.org/forum/ Software: https://github.com/ClicShopping/ClicShoppingV3/releases/tag/version3402 Reference:...
CVE-2022-31752
Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality...
CVE-2022-31752
Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality...