Lucene search
K

17 matches found

CNNVD
CNNVD
added 2026/04/22 12:0 a.m.11 views

uutils coreutils 输入验证错误漏洞

uutils coreutils is a cross-platform core command-line toolset developed by Uutils Open Source. uutils coreutils has a vulnerability related to input validation. This vulnerability arises from the comm utility consuming data from unconventional file inputs before performing comparison operations...

4.4CVSS5.8AI score0.00134EPSS
Exploits0References1
Schneier on Security
Schneier on Security
added 2024/08/13 11:4 a.m.13 views

On the Voynich Manuscript

Really interesting article on the ancient-manuscript scholars who are applying their techniques to the Voynich Manuscript. No one has been able to understand the writing yet, but there are some new understandings: Davis presented her findings at the medieval-studies conference and published them ...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/04/12 12:32 p.m.17 views

LazyStealer the Unconventional Approach to Cyber Espionage

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/02/19 8:18 a.m.10 views

A Fresh Look at the Bumblebee’s Comeback Strategies

Summary: BumbleBee, a malicious loader discovered in March 2022, resurfaced in the cyber threat landscape on February 8, 2024, after a four-month hiatus. Unlike in previous campaigns, this attack chain diverges from conventional techniques. Threat Level - Amber | Attack Report For a detailed thre...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/10/05 10:48 a.m.32 views

Analysis and Config Extraction of Lu0Bot, a Node.js Malware with Considerable Capabilities

Nowadays, more malware developers are using unconventional programming languages to bypass advanced detection systems. The Node.js malware Lu0Bot is a testament to this trend. By targeting a platform-agnostic runtime environment common in modern web apps and employing multi-layer obfuscation,...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/01 9:57 a.m.39 views

Researchers Expose Space Pirates' Cyber Campaign Across Russia and Serbia

The threat actor known as Space Pirates has been linked to attacks against at least 16 organizations in Russia and Serbia over the past year by employing novel tactics and adding new cyber weapons to its arsenal. "The cybercriminals' main goals are still espionage and theft of confidential...

7.1AI score
Exploits0
Veracode
Veracode
added 2023/01/26 3:36 a.m.11 views

Privilege Escalation

cakephp/cakephp is vulnerable to Privilege Escalation. A remote attacker is able to directly access prefixed actions without setting the correct request parameters due to unconventional URL paths, which allows an attacker to elevate privileges when the authorization depends on the presence of the...

6.7AI score
Exploits0
Github Security Blog
Github Security Blog
added 2023/01/20 11:34 p.m.15 views

CakePHP allows direct access of prefixed controller actions

Unconventional URL paths would allow direct access to prefixed actions without setting the correct request parameters...

5.2AI score
Exploits0References7Affected Software1
OSV
OSV
added 2023/01/20 11:34 p.m.13 views

GHSA-6HG4-VP5Q-47MW CakePHP allows direct access of prefixed controller actions

Unconventional URL paths would allow direct access to prefixed actions without setting the correct request parameters...

7.1AI score
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/01/20 12:0 a.m.2 views

PT-2023-32983 · Packagist · Cakephp/Cakephp

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue allows unconventional URL paths to enable direct access to prefixed actions without correctly setting the request parameters. Recommendations: At the moment, there is no...

6.9AI score
Exploits0References8
Code423n4
Code423n4
added 2022/11/14 12:0 a.m.9 views

unconventional reentrant structure can result in reentrance into _returnDust

Lines of code Vulnerability details Impact unconventional nonreentrant code structure allows for reentrance from returnDust Proof of Concept Once execute finishes execution, the reentrancy guard is reset to be not in effect, and the flow goes into returnDust. Now caller's receive function can cal...

7AI score
Exploits0
Akamai Blog
Akamai Blog
added 2022/08/19 1:0 p.m.18 views

Meet Jessica Scherlag: Senior Manager of Social Media and Engagement

Jessica Scherlag discusses the importance of social media platforms, her unconventional career path, and the benefits of pushing past your comfort zone...

1.9AI score
Exploits0
Fedora
Fedora
added 2021/08/29 1:14 a.m.48 views

[SECURITY] Fedora 33 Update: nbdkit-1.24.6-1.fc33

NBD is a protocol for accessing block devices hard disks and disk-like things over the network. nbdkit is a toolkit for creating NBD servers. The key features are: Multithreaded NBD server written in C with good performance. Minimal dependencies for the basic server. Liberal license BSD allows...

3.5CVSS1.1AI score0.00573EPSS
Exploits0
FireEye
FireEye
added 2016/06/20 12:0 p.m.26 views

Resurrection of the Evil Miner

At FireEye Labs, we recently detected the resurgence of a coin mining campaign with a novel and unconventional infection vector in the form of an iFRAME inline frame – an HTML document embedded inside another HTML document on a web page that allows users to get content from another separate sourc...

7.2AI score
Exploits0References1
FireEye
FireEye
added 2016/06/20 8:0 a.m.59 views

Resurrection of the Evil Miner

At FireEye Labs, we recently detected the resurgence of a coin mining campaign with a novel and unconventional infection vector in the form of an iFRAME inline frame – an HTML document embedded inside another HTML document on a web page that allows users to get content from another separate sourc...

7AI score
Exploits0
myhack58
myhack58
added 2009/06/24 12:0 a.m.16 views

Catch the wind multi-user PHP statistical system v4. 0 injection vulnerability-vulnerability warning-the black bar safety net

Today see something get tired, just download such a code. You can see his DESCRIPTION, is known as totally anti-injection attack, the password 3 is 2-bit Md5 encryption. Look at most of the injection is basically impossible, unless the other drain of the write stuff. But there is such a compariso...

0.3AI score
Exploits0
myhack58
myhack58
added 2006/03/26 12:0 a.m.19 views

Fuzzy URL-vulnerability warning-the black bar safety net

| --- URL Universal Resource Locator universal Resource Locator is the Internet most commonly to something one, for example, we access the web address http://www. ttian. nett/index. html is a URL of the form, 但是我们同样可以通过http://ttian@3546011754/index.html来访问这的一个页面 it! The above second kind of stran...

6.8AI score
Exploits0
Rows per page
Query Builder