Security
Headlines
HeadlinesLatestCVEs

Tag

#backdoor

CVE-2022-33003: code execution backdoor · Issue #5 · wateraccounting/watools

The watools package in PyPI v0.0.1 to v0.0.8 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

CVE
Open in Source
#vulnerability#git#backdoor
CVE-2022-33002: kgexplore

The KGExplore package in PyPI v0.1.1 to v0.1.2 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

CVE-2022-33001: code execution backdoor · Issue #1 · bOrionis/AAmiles

The AAmiles package in PyPI v0.1.0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

CVE-2022-33000: ml-scanner

The ML-Scanner package in PyPI v0.1.0 to v0.1.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

CVE-2022-32999: code execution backdoor · Issue #1 · SilvioGiancola/CloudLabeling-API

The cloudlabeling package in PyPI v0.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

CVE-2022-32998: cryptoasset-data-downloader

The cryptoasset-data-downloader package in PyPI v1.0.0 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

CVE-2013-1916: Offensive Security’s Exploit Database Archive

In WordPress Plugin User Photo 0.9.4, when a photo is uploaded, it is only partially validated and it is possible to upload a backdoor on the server hosting WordPress. This backdoor can be called (executed) even if the photo has not been yet approved.

Backdoor.Win32.InfecDoor.17.c MVID-2022-0614 Insecure Permissions

Backdoor.Win32.InfecDoor.17.c malware suffers from an insecure permissions vulnerability.

Backdoor.Win32.Shark.btu MVID-2022-0615 Insecure Permissions

Backdoor.Win32.Shark.btu malware suffers from an insecure permissions vulnerability.

Chinese Hackers Distributing Nim language Malware in SMS Bomber Tool

By Deeba Ahmed This newly discovered malware campaign is attributed to a Chinese hacking group called Tropic Trooper. Cybersecurity researchers at… This is a post from HackRead.com Read the original post: Chinese Hackers Distributing Nim language Malware in SMS Bomber Tool