46 matches found
EUVD-2020-7133
Malware in sbrugna...
EUVD-2017-1562
Malware in sbrugna...
CVE-2024-32502
creationtimestamp| type| source ---|---|--- 2025-08-27 21:18:29+00:00| seen| Telegram/3cCxfL420ujsni81Rfhu21hSQiYHtmg5WmuB39zsoXQ6uw...
CVE-2021-24350
The Visitors WordPress plugin through 0.3 is affected by an Unauthenticated Stored Cross-Site Scripting XSS vulnerability. The plugin would display the user's user agent string without validation or encoding within the WordPress admin panel...
CVE-2020-15003
OX App Suite through 7.10.3 allows Information Exposure because a user can obtain the IP address and User-Agent string of a different user via the session API during shared Drive access...
New Microsoft Incident Response guides help security teams analyze suspicious activity
Today Microsoft Incident Response are proud to introduce two one-page guides to help security teams investigate suspicious activity in Microsoft 365 and Microsoft Entra. These guides contain the artifacts that Microsoft Incident Response hunts for and uses daily to provide our customers with...
Denial Of Service (DoS)
yauaa is vulnerable to denial of service. The vulnerability exists due to ClientHintsAnalyzer.java improperly handling client hints, allowing an attacker to crash the application through the ArrayIndexOutOfBoundsException by passing a malicious user-agent string when using the client hint analysi...
Firefox and Chrome reaching major versions 100 may break some websites
Mozilla has issued a warning about the upcoming versions 100 for both Chrome and Firefox. The change in the version number from 2 to 3 digits may cause some problems when visiting websites that are not prepared for this change. For example, it’s possible that some parsing libraries may have...
Popular NPM Package Hijacked to Publish Crypto-mining Malware
The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned of crypto-mining and password-stealing malware embedded in "UAParser.js," a popular JavaScript NPM library with over 6 million weekly downloads, days after the NPM repository moved to get rid of three rogue packages that...
CVE-2020-23054
A cross-site scripting XSS vulnerability in NSK User Agent String Switcher Service v0.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the user agent input field...
Cross site scripting
A cross-site scripting XSS vulnerability in NSK User Agent String Switcher Service v0.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the user agent input field...
CVE-2020-23054
CVE-2020-23054 is a cross-site scripting (XSS) vulnerability in NSK User Agent String Switcher Service v0.3.5. The flaw allows an attacker to execute arbitrary web scripts or HTML through a crafted payload in the user agent input field. Documented impact ranges from partial integrity impact and l...
CVE-2020-23054
A cross-site scripting XSS vulnerability in NSK User Agent String Switcher Service v0.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the user agent input field...
WordPress Visitors plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Visitors is a plugin for WordPress. A cross-site scripting vulnerability exists in WordPress Visitors plugin version 0.3 and earlier,...
Visitors WordPress plugin 跨站脚本漏洞
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Visitors is a plugin for WordPress. A cross-site scripting vulnerability exists in WordPress Visitors plugin version 0.3 and earlier,...
Regular Expression Denial Of Service (ReDoS)
es6-crawler-detect is vulnerable to regular expression denial of service. The vulnerability exists because user agent string length supplied to regex operators are not restricted, leading to no limit for the time module being run...
CVE-2020-28501
This affects the package es6-crawler-detect before 3.1.3. No limitation of user agent string length supplied to regex operators...
Design/Logic Flaw
This affects the package es6-crawler-detect before 3.1.3. No limitation of user agent string length supplied to regex operators...
CVE-2020-28501 Regular Expression Denial of Service (ReDoS)
This affects the package es6-crawler-detect before 3.1.3. No limitation of user agent string length supplied to regex operators...
Regular Expression Denial Of Service (ReDoS)
ua-parser-js is vulnerable to regular expression denial of service ReDoS. The vulnerability exists through overly greedy regular expressions when parsing the browsers' user agent strings...