Lightning Framework, modular Linux malware
Researchers at Intezer have published a technical analysis of Lightning Framework, a previously undocumented and undetected Linux threat. Lightning is...
Node.js amplify-category-api-e2e-core module code execution |
NAME Node.js amplify-category-api-e2e-core module code execution Platforms Affected:Node.js amplify-category-api-e2e-coreRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js amplify-category-api-e2e-core module could allow a remote attacker...
Node.js employers-routes module code execution |
NAME Node.js employers-routes module code execution Platforms Affected:Node.js employers-routesRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js employers-routes module could allow a remote attacker...
Node.js owncloud-guests module code execution |
NAME Node.js owncloud-guests module code execution Platforms Affected:Node.js owncloud-guestsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js owncloud-guests module could allow a remote attacker...
Apple iOS, iPadOS, and tvOS buffer overflow | CVE-2022-32788
NAME Apple iOS, iPadOS, and tvOS buffer overflow Platforms Affected:Apple iOS 15.5 Apple iPadOS 15.5 Apple tvOS 15.5Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access...
Node.js dependencies-zksync module code execution |
NAME Node.js dependencies-zksync module code execution Platforms Affected:Node.js dependencies-zksyncRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js dependencies-zksync module could allow a remote attacker...
Node.js defi-interfaces module code execution |
NAME Node.js defi-interfaces module code execution Platforms Affected:Node.js defi-interfacesRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js defi-interfaces module could allow a remote attacker...
Skyhigh Secure Web Gateway security bypass | CVE-2022-2310
NAME Skyhigh Secure Web Gateway security bypass Platforms Affected:Trellix Skyhigh Secure Web Gateway 11.0 Trellix Skyhigh Secure Web Gateway 11.2.0...
Node.js wm-accounts-auth module code execution |
NAME Node.js wm-accounts-auth module code execution Platforms Affected:Node.js wm-accounts-authRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js wm-accounts-auth module could allow a remote attacker...
Node.js @acrontum/filesystem-template module command execution | CVE-2022-21186
NAME Node.js @acrontum/filesystem-template module command execution Platforms Affected:Node.js @acrontum/filesystem-template 0.0.1Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Node.js @acrontum/filesystem-template module could allow...
WAVLINK WN535K2 and WN535K3 command execution | CVE-2022-2486
NAME WAVLINK WN535K2 and WN535K3 command execution Platforms Affected:Wavlink WN535K2 Wavlink WN535K3Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION WAVLINK WN535K2 and WN535K3 could...
Node.js elementor-developers-docs module code execution |
NAME Node.js elementor-developers-docs module code execution Platforms Affected:Node.js elementor-developers-docsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js elementor-developers-docs module could allow a remote attacker...
Node.js route-sonar module code execution |
NAME Node.js route-sonar module code execution Platforms Affected:Node.js route-sonarRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js route-sonar module could allow a remote attacker...
Node.js lido-dao-test-dp module code execution |
NAME Node.js lido-dao-test-dp module code execution Platforms Affected:Node.js lido-dao-test-dpRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js lido-dao-test-dp module could allow a remote attacker...
Node.js stripe-demo-connect-standard-saas-platform module code execution |
NAME Node.js stripe-demo-connect-standard-saas-platform module code execution Platforms Affected:Node.js stripe-demo-connect-standard-saas-platformRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js stripe-demo-connect-standard-saas-platform module could allow a remote attacker...
Node.js bitmovin-internal module code execution |
NAME Node.js bitmovin-internal module code execution Platforms Affected:Node.js bitmovin-internalRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js bitmovin-internal module could allow a remote attacker...
WAVLINK WN535K2 and WN535K3 command execution | CVE-2022-2487
NAME WAVLINK WN535K2 and WN535K3 command execution Platforms Affected:Wavlink WN535K2 Wavlink WN535K3Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION WAVLINK WN535K2 and WN535K3 could...
PATLITE NHL-3FB2/NHP-3FB2 buffer overflow | CVE-2022-35911
NAME PATLITE NHL-3FB2/NHP-3FB2 buffer overflow Platforms Affected:PATLITE NHL-3FB2/NHP-3FB2 1.46 PATLITE NHL-3FB2/NHP-3FB2 1.45Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION PATLITE NHL-3FB2/NHP-3FB2 is vulnerable to...
Node.js twilio-bugcrowd-poc-twilio-flex-ui-sample module code execution |
NAME Node.js twilio-bugcrowd-poc-twilio-flex-ui-sample module code execution Platforms Affected:Node.js twilio-bugcrowd-poc-twilio-flex-ui-sampleRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js twilio-bugcrowd-poc-twilio-flex-ui-sample module could allow a remote attacker...
WAVLINK WN535K2 and WN535K3 command execution | CVE-2022-2488
NAME WAVLINK WN535K2 and WN535K3 command execution Platforms Affected:Wavlink WN535K2 Wavlink WN535K3Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION WAVLINK WN535K2 and WN535K3 could...
Node.js shaikh-test module code execution |
NAME Node.js shaikh-test module code execution Platforms Affected:Node.js shaikh-testRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js shaikh-test module could allow a remote attacker...
Update Google Chrome now! New version includes 11 important security patches
The latest Google Chrome update includes 11 security fixes, some of which could be exploited by an attacker to take...
Lock down your Neopets account: Data breach being investigated
Bad news for players of long-time virtual pet management title Neopets. Word is spreading of a compromise claimed to have...
Zero Day attacks target online stores using PrestaShop
Thera actors are exploiting a zero-day vulnerability to steal payment information from sites using the open source e-commerce platform PrestaShop. Threat actors are...
