Lucene search
K

115 matches found

CVE
CVE
added 2024/11/11 6:51 a.m.55 views

CVE-2024-11016

CVE-2024-11016 affects Webopac from Grand Vice info. The vulnerability is a SQL Injection that allows unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. Reported CVSS 3.1 v3.1 base score is 9.8 (CRITICAL) with network attack Vector, no...

9.8CVSS10AI score0.00538EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/11 12:0 a.m.7 views

PT-2024-16704 · Grand Vice Info · Webopac

Name of the Vulnerable Software and Affected Versions: Webopac from Grand Vice info affected versions not specified Description: The issue is a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents...

9.8CVSS8.3AI score0.00538EPSS
Exploits0References16
Positive Technologies
Positive Technologies
added 2024/11/11 12:0 a.m.5 views

PT-2024-16710 · Grand Vice Info · Webopac

Name of the Vulnerable Software and Affected Versions: Webopac from Grand Vice info affected versions not specified Description: The issue is a Stored Cross-site Scripting vulnerability, allowing remote attackers with regular privileges to inject arbitrary JavaScript code into the server. When...

5.4CVSS6.5AI score0.00279EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2024/11/11 12:0 a.m.4 views

PT-2024-16706 · Unknown · Grand Vice Info Webopac

Name of the Vulnerable Software and Affected Versions: Grand Vice Info Webopac versions up to 6.5.0/7.2.2 Description: The issue is related to the lack of proper file type validation in the Webopac component, allowing unauthenticated remote attackers to upload and execute webshells. This could le...

9.8CVSS8.5AI score0.00803EPSS
Exploits0References16
CNNVD
CNNVD
added 2024/11/11 12:0 a.m.5 views

Grand Vice info Webopac 跨站脚本漏洞

Grand Vice info Webopac is an online public access catalog from China XinXueYing Info Grand Vice info. It is used for users to access library services over the Internet. A cross-site scripting vulnerability in Grand Vice info Webopac version 6.x before 6.5.1 and version 7.x before 7.2.3 exists,...

6.1CVSS6.5AI score0.00324EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/11/11 12:0 a.m.2 views

Grand Vice info Webopac 代码问题漏洞

Grand Vice info Webopac is an online public access catalog from China XinXueYing Info Grand Vice info. It is used for users to access library services over the Internet. A code issue vulnerability exists in Grand Vice info Webopac version 6.x prior to 6.5.1 and version 7.x prior to 7.2.3, which...

9.8CVSS7.9AI score0.00803EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/11 12:0 a.m.3 views

Grand Vice info Webopac 跨站脚本漏洞

Grand Vice info Webopac is an online public access catalog from China XinXueYing Info Grand Vice info. It is used for users to access library services over the Internet. A cross-site scripting vulnerability in Grand Vice info Webopac version 6.x prior to 6.5.1 and version 7.x prior to 7.2.3 exist...

5.4CVSS6.3AI score0.00279EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/11 12:0 a.m.10 views

PT-2024-16707 · Grand Vice Info · Webopac

Name of the Vulnerable Software and Affected Versions: Webopac from Grand Vice info affected versions not specified Description: The issue is a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript code in the user's browser throug...

6.1CVSS7.3AI score0.00324EPSS
Exploits0References13
CNNVD
CNNVD
added 2024/11/11 12:0 a.m.4 views

Grand Vice info Webopac SQL注入漏洞

Grand Vice info Webopac is an online public access catalog from China Xinxueying Info Grand Vice info. It is used for users to use library services through the Internet. A SQL injection vulnerability exists in Grand Vice info Webopac version 6.x prior to 6.5.1 and version 7.x prior to 7.2.3, whic...

9.8CVSS8.1AI score0.00451EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/11 12:0 a.m.10 views

Grand Vice info Webopac 代码问题漏洞

Grand Vice info Webopac is an online public access catalog from China XinXueYing Info Grand Vice info. It is used for users to access library services over the Internet. A code issue vulnerability exists in Grand Vice info Webopac versions 6.x prior to 6.5.1 and 7.x prior to 7.2.3, which stems fr...

8.8CVSS7.9AI score0.0074EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2024/09/19 10:12 a.m.11 views

Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector

Microsoft has revealed that a financially motivated threat actor has been observed using a ransomware strain called INC for the first time to target the healthcare sector in the U.S. The tech giant's threat intelligence team is tracking the activity under the name Vanilla Tempest formerly DEV-083...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/02/12 1:12 p.m.35 views

Rhysida Ransomware Cracked, Free Decryption Tool Released

Cybersecurity researchers have uncovered an "implementation vulnerability" that has made it possible to reconstruct encryption keys and decrypt data locked by Rhysida ransomware. The findings were published last week by a group of researchers from Kookmin University and the Korea Internet and...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/11/16 12:3 p.m.108 views

CISA and FBI Issue Warning About Rhysida Ransomware Double Extortion Attacks

The threat actors behind the Rhysida ransomware engage in opportunistic attacks targeting organizations spanning various industry sectors. The advisory comes courtesy of the U.S. Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Multi-State...

10CVSS9.2AI score0.99512EPSS
Exploits75
Spring Security Advisories
Spring Security Advisories
added 2023/11/02 12:0 a.m.12 views

A Bootiful Podcast: GraalVM founder and Oracle vice president Thomas Wuerthinger

Hi, Spring fans! In this installment Josh Long talks to Oracle vice president Thomas Wuerthinger about the project he created and leads, GraalVM. This was recorded live from Devoxx Belgium 2023!...

6.8AI score
Exploits0
Trellix
Trellix
added 2023/10/09 12:0 a.m.23 views

Rhysida Ransomware

Rhysida Ransomware By Alexandre Mundo, Max Kersten, and Leandro Velasco · October 9, 2023 New ransomware victims are made every day by ransom gangs with a variety of ransomware malware families, one of which is the Rhysida ransomware family. Within this blog, an anonymised version of an attack by...

7.2AI score
Exploits0
Trellix
Trellix
added 2023/10/09 12:0 a.m.13 views

Rhysida Ransomware

Rhysida Ransomware By Leandro Velasco · October 9, 2023 This blog was also written by Alexandre Mundo and Max Kersten New ransomware victims are made every day by ransom gangs with a variety of ransomware malware families, one of which is the Rhysida ransomware family. Within this blog, an...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/09 4:20 a.m.24 views

New Report Exposes Vice Society's Collaboration with Rhysida Ransomware

Tactical similarities have been unearthed between the double extortion ransomware group known as Rhysida and Vice Society, including in their targeting of education and healthcare sectors. "As Vice Society was observed deploying a variety of commodity ransomware payloads, this link does not sugge...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/05 11:0 a.m.12 views

The 2023 State of Ransomware in Education: 84% increase in attacks over 6-month period

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim didn't pay a ransom. This provides the best overall picture of...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/08 1:45 p.m.63 views

Ransomware review: May 2023

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim didn't pay a ransom. This provides the best overall picture of...

9.8AI score0.99999EPSS
Exploits24
The Hacker News
The Hacker News
added 2023/04/17 8:1 a.m.2 views

Vice Society Ransomware Using Stealthy PowerShell Tool for Data Exfiltration

Threat actors associated with the Vice Society ransomware gang have been observed using a bespoke PowerShell-based tool to fly under the radar and automate the process of exfiltrating data from compromised networks. "Threat actors TAs using built-in data exfiltration methods like living off the...

6.8AI score
Exploits0
Rows per page
Query Builder