42 matches found
EUVD-2019-8726
Malware in sbrugna...
EUVD-2023-42335
Malicious code in bioql PyPI...
EUVD-2025-28140
Malicious code in bioql PyPI...
CVE-2025-48054
Radashi is a TypeScript utility toolkit. Prior to version 12.5.1, the set function within the Radashi library is vulnerable to prototype pollution. If an attacker can control parts of the path argument to the set function, they could potentially modify the prototype of all objects in the JavaScri...
CVE-2025-48054 Radashi Vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Radashi is a TypeScript utility toolkit. Prior to version 12.5.1, the set function within the Radashi library is vulnerable to prototype pollution. If an attacker can control parts of the path argument to the set function, they could potentially modify the prototype of all objects in the JavaScri...
Radashi security vulnerability
Radashi is a modern, community-first TypeScript toolkit open-sourced by Radashi. A security vulnerability exists in Radashi versions prior to 12.5.1 that stems from the set function being vulnerable to prototype pollution attacks...
CVE-2019-19086
Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 1 of 2)...
Malicious code in digitalexp-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9833903519bade9052cdd1225ca96239d62fbff6d2cfc10be31dc013063ee830 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-28058
The CVE affects RSA NetWitness Platform prior to 12.5.1. Description and connected sources indicate that even after an administrator revokes a user’s access with an active session, an internal threat actor could impersonate the revoked user and gain unauthorized access to sensitive data. This is ...
PT-2024-22241 · Rsa · Rsa Netwitness Platform
Name of the Vulnerable Software and Affected Versions: RSA NetWitness Platform versions prior to 12.5.1 Description: The issue allows an internal threat actor to impersonate a revoked user and gain unauthorized access to sensitive data, even after an administrator has revoked the user's access...
PT-2024-6887 · Adobe · Lightroom Desktop
Name of the Vulnerable Software and Affected Versions: Lightroom Desktop versions 7.4.1, 13.5, 12.5.1 and earlier Description: The issue is related to an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass...
Jungo WinDriver security vulnerability
Jungo WinDriver is a device driver development toolkit from Israel's Jungo that supports any device, regardless of its chip vendor, with the ability to focus on the value-added functionality of the driver rather than the operating system internals. A denial of service vulnerability exists in...
Jungo WinDriver security vulnerability
Jungo WinDriver is a device driver development toolkit from Israel's Jungo that supports any device, regardless of its chip vendor, with the ability to focus on the value-added functionality of the driver rather than the operating system internals. A privilege management error vulnerability exist...
Jungo WinDriver security vulnerability
Jungo WinDriver is a device driver development toolkit from Israel's Jungo that supports any device, regardless of its chip vendor, with the ability to focus on the value-added functionality of the driver rather than the operating system internals. A privilege management error vulnerability exist...
CVE-2024-22104
CVE-2024-22104 is a local, out-of-bounds write vulnerability in Jungo WinDriver prior to version 12.5.1. The issue allows a local attacker to trigger a Windows blue screen and a Denial of Service (DoS). The vulnerability is caused by an out-of-bounds write in affected WinDriver components, enabli...
PT-2024-20736 · Jungo · Windriver
Name of the Vulnerable Software and Affected Versions: Jungo WinDriver versions prior to 12.5.1 Description: The issue is related to improper privilege management, allowing local attackers to escalate privileges and execute arbitrary code. This can be exploited by attackers to gain elevated acces...
CVE-2023-38536
HTML injection in OpenText™ Exceed Turbo X affecting version 12.5.1. The vulnerability could result in Cross site scripting...
CVE-2023-38536
HTML injection in OpenText™ Exceed Turbo X affecting version 12.5.1. The vulnerability could result in Cross site scripting...
CVE-2023-38534
Improper authentication vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.0 and 12.5.1. The vulnerability could allow disclosure of restricted information in unauthenticated RPC...
Cross site scripting
HTML injection in OpenText™ Exceed Turbo X affecting version 12.5.1. The vulnerability could result in Cross site scripting...