5 matches found
Data Visualisation Framework - Moderately critical - Cross Site Scripting - SA-CONTRIB-2023-055
This module allows you to turn various data sources Eg CSV or JSON file into interactive visualisation. The DVF module provides a field storage, widget & formatter that can be added to any entity. This module uses two third-party JS libraries having from low to medium vulnerabilities. One of the...
Malicious Package
Overview dvf-utils is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...
Malicious code in dvf-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cf18547f9f147479c4459ff3e5a5ea3c30c2f74abd59960980007211ed420ee3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-294 Malicious code in dvf-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cf18547f9f147479c4459ff3e5a5ea3c30c2f74abd59960980007211ed420ee3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
NCH WavePad 6.48 DLL Hijacking
/ Exploit Title: NCH WavePad DLL Hijacking Exploit ehtrace.dll Vendor Homepage:http://www.nch.com.au/wavepad/ Author: Sachin Wagh @tigertigerboy Linkedin: https://in.linkedin.com/in/sachin-wagh-95b17555 Affected Version: WavePad 6.48 Tested on: Windows 7 Ultimate Vulnerable extension: .dvf /...