2665 matches found
Malicious code in test-tech-talk (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-9877 Malicious code in test-tech-talk (npm)
--- -= Per source details. Do not edit below this line.=-...
N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware
Threat actors with ties to North Korea have been observed targeting job seekers in the tech industry to deliver updated versions of known malware families tracked as BeaverTail and InvisibleFerret. The activity cluster, tracked as CL-STA-0240, is part of a campaign dubbed Contagious Interview tha...
CVE-2024-20491
A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because remote controller credentials are recorded in an internal log that is stored in the tech support file...
CVE-2024-20490
A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller NDFC and Cisco Nexus Dashboard Orchestrator NDO could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because HTTP proxy credentials could be recorded in ...
CVE-2024-20490
A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller NDFC and Cisco Nexus Dashboard Orchestrator NDO could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because HTTP proxy credentials could be recorded in ...
CVE-2024-20491
A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because remote controller credentials are recorded in an internal log that is stored in the tech support file...
CVE-2024-20442
A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated, low-privileged, remote attacker to perform limited Administrator actions on an affected device. This vulnerability is due to insufficient authorization controls on some REST API endpoints. An attacker...
CVE-2024-20442
A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated, low-privileged, remote attacker to perform limited Administrator actions on an affected device. This vulnerability is due to insufficient authorization controls on some REST API endpoints. An attacker...
CVE-2024-20491 Cisco Nexus Dashboard Insights Information Disclosure Vulnerability
A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because remote controller credentials are recorded in an internal log that is stored in the tech support file...
CVE-2024-20491
Cisco Nexus Dashboard Insights is affected by a vulnerability in its logging function that can disclose remote controller credentials. The issue arises because credentials are recorded in internal logs stored in tech support files, which an attacker can access to view admin credentials in clear t...
CVE-2024-20491 Cisco Nexus Dashboard Insights Information Disclosure Vulnerability
A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because remote controller credentials are recorded in an internal log that is stored in the tech support file...
CVE-2024-20490 Cisco Nexus Dashboard Fabric Controller and Nexus Dashboard Orchestrator Information Disclosure Vulnerability
A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller NDFC and Cisco Nexus Dashboard Orchestrator NDO could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because HTTP proxy credentials could be recorded in ...
CVE-2024-20490 Cisco Nexus Dashboard Fabric Controller and Nexus Dashboard Orchestrator Information Disclosure Vulnerability
A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller NDFC and Cisco Nexus Dashboard Orchestrator NDO could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because HTTP proxy credentials could be recorded in ...
CVE-2024-20442
Cisco Nexus Dashboard exposes a REST API vulnerability due to insufficient authorization controls on certain endpoints. An authenticated, low-privileged, remote attacker could perform limited Administrator actions such as viewing portions of the web UI, generating config backups, or deleting tech...
CVE-2024-20442 Cisco Nexus Dashboard Unauthorized API Endpoints Vulnerability
A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated, low-privileged, remote attacker to perform limited Administrator actions on an affected device. This vulnerability is due to insufficient authorization controls on some REST API endpoints. An attacker...
Malicious code in verida-tech-demos (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ded9af82932dfcd9a6021dbd383ebadc322bdfc63b8c68d1981537b14ab226b7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-9068 Malicious code in verida-tech-demos (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ded9af82932dfcd9a6021dbd383ebadc322bdfc63b8c68d1981537b14ab226b7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2024-8626 · Cisco · Cisco Nexus Dashboard
Name of the Vulnerable Software and Affected Versions: Cisco Nexus Dashboard affected versions not specified Description: A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated, low-privileged, remote attacker to perform limited Administrator actions on an...
Keep Your Tech Flame Alive: Akamai Trailblazer Sabine A. Sitterli
...