Aggregator

A vulnerability classified as critical was found in Xfig 3.2.5/3.2.5b. This vulnerability affects the function read_textobject of the file f_readold.c. The manipulation leads to memory corruption. This vulnerability was named CVE-2009-4227. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in Free Web Chat 2.0. Affected is the function adduser of the file usermanager.java. The manipulation of the argument usrName leads to denial of service. This vulnerability is traded as CVE-2004-2646. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in Novell NetWare 6.5. Affected is an unknown function. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2004-2414. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability, which was classified as critical, was found in avast Antivirus Home up to 4.8.1368.0. This affects an unknown part of the file Aavmker4.sys. The manipulation leads to improper input validation. This vulnerability is uniquely identified as CVE-2010-0705. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability, which was classified as critical, was found in Oracle Communications Policy Management 12.6.0.0.0. Affected is an unknown function of the component Core. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2023-28708. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Oracle SD-WAN Aware 9.0.1.6.0. It has been rated as critical. This issue affects some unknown processing of the component Management. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2022-31630. An attack has to be approached locally. There is no exploit available.

A vulnerability was found in Oracle Primavera Unifier up to 18.8.18/19.12.16/20.12.16/21.12.14/22.12.3. It has been classified as critical. This affects an unknown part of the component User Interface. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2022-36033. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Oracle Financial Services Analytical Applications Infrastructure up to 8.1.2.2. This affects an unknown part of the component Infrastructure. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2021-41184. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Oracle Banking Digital Experience up to 22.2. It has been declared as critical. This vulnerability affects unknown code of the component UI General. The manipulation leads to cross site scripting. This vulnerability was named CVE-2022-36033. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Oracle Banking Trade Finance 14.5/14.6/14.7. It has been rated as critical. This issue affects some unknown processing of the component Infrastructure. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2022-36033. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in Oracle Banking Treasury Management 14.5/14.6/14.7. Affected is an unknown function of the component Infrastructure. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2022-36033. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in HP HP-UX B.11.11/B.11.23/B.11.31. This issue affects some unknown processing of the component useradd. The manipulation leads to an unknown weakness. The identification of this vulnerability is CVE-2009-0719. Attacking locally is a requirement. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in HP OpenView Network Node Manager 7.01. It has been classified as very critical. Affected is an unknown function of the component Node Manager. The manipulation leads to code injection. This vulnerability is traded as CVE-2009-0720. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic has been found in Yaws Web Server. This affects an unknown part. The manipulation leads to improper resource management. This vulnerability is uniquely identified as CVE-2009-0751. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Poppler 0.10.6/0.12.0. Affected is the function ABWOutputDev::endWord of the component Utility. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2009-3938. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in MLDonkey 2.8.4/2.8.7/2.9/2.9.0-r3/2.9.7. Affected is an unknown function. The manipulation leads to path traversal. This vulnerability is traded as CVE-2009-0753. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Name: Azure Assassin Alliance CTF 2025 (an Azure Assassin Alliance CTF event.)
Date: April 26, 2025, 1 a.m. — 27 April 2025, 01:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://actf2025.xctf.org.cn/
Rating weight: 35.00
Event organizers: 欸欸欸

360漏洞云携手共青团中央直属中国光华科技基金会隆重推出《数字青春·榜样力量》特别直播，共同走近网络安全青年榜样的身边，共同见证中国新生代网络安全青年以技术为甲胄、以创新为旗帜，在数字化浪潮中构筑“数字长城”的硬核担当。

360漏洞云携手共青团中央直属中国光华科技基金会隆重推出《数字青春·榜样力量》特别直播，共同走近网络安全青年榜样的身边，共同见证中国新生代网络安全青年以技术为甲胄、以创新为旗帜，在数字化浪潮中构筑“数字长城”的硬核担当。

近期，Ripple推荐加密货币NPM JavaScript库名为“xrpl.js”，被入侵窃取Ripple钱包种子和私钥，并将其转移到攻击者控制的服务器上，允许威胁者窃取存储在钱包中的所有资金。

恶意代码被添加到xrpl NPM包的2.14.2、4.2.1、4.2.2、4.2.3和4.2.4版本中，并于下午时间4:46到5:49之间发布到NPM注册表中。这些被破坏的版本已经被删除，现在有一个干净的4.2.5版本，所有用户都应该立即升级到这个版本。

xrpl.js库由Ripple币账本基金会（XRPLF）维护，是Ripple币通过JavaScript与Ripple币区块链交互的推荐库。它支持钱包操作、XRP转账和其他分类账功能。由于它是与XRP区块链交互的推荐库，它已经被广泛采用，在过去的一周内下载量超过14万次。

NPM库通过可疑方法进行了修改，名为CheckValitysofdeed将附加到折衷版本中的“

/src/index.ts

”文件的末尾进行了修改。此功能接受字符串作为参数，然后通过http Post请求转发给https：// 0x9c [。] xyz/xcm，威胁者可以在其中收集它。该代码试图通过使用“ AD-REFFERAL”用户代理使其看起来像网络流量监视系统的广告请求，从而试图变得隐秘。

恶意代码插入到xrpl.js NPM库中

根据开发安全公司Aikido的说法，checkValidityOfSeed（）函数在各种函数中被调用，用于窃取XRP钱包的种子、私钥和助记符。

通过checkValidityOfSeed函数窃取数据

威胁者可以利用这些信息在自己的设备上导入被盗的XRP钱包，以提取其中的任何资金。

目前已经确定，受感染的版本是在不同时间上传的，总共有452次下载。虽然总下载量并不大，但这个库可能被用来管理和连接更多的XRP钱包。

恶意代码似乎是由与Ripple组织相关的开发人员帐户添加的，可能是通过受损的凭证添加的。恶意提交没有出现在公共GitHub存储库中，这表明攻击可能发生在NPM发布过程中。

如果用户使用其中一个版本，请立即停止并旋转与受影响系统的任何私钥或秘密。XRP Ledger支持钥匙旋转：https：//xrpl.org/docs/tutorials/how-tos/how-tos/manage-manage-acccount-account-settings/assign-a-a-a-regular-regular-key-pair-，如果任何帐户的主密钥可能被妥协，则应将其禁用：https：//xrpl.org/docs/tutorials/how-tos/manage-manage-account-settings/disable-master-key-pair。”

开发人员称，XRP账本代码库或GitHub存储库没有受到影响。“澄清一下：这个漏洞存在于xrpl.js中，这是一个用于与XRP账本交互的JavaScript库。它不会影响XRP账本代码库或Github存储库本身。使用xrpl.js的项目应该立即升级到v4.2.5，”XRP账本基金会在X上发布。

开发商还证实，Xaman钱包、XRPScan、First Ledger和Gen3 Games项目没有受到供应链攻击的影响。这种供应链攻击类似于之前以太坊和索拉纳npm用于窃取钱包种子和私钥的攻击。