EUVD-2025-38994

Malicious code in joni-sambel67-miaww npm...

CVE-2023-38994

The 'checkuniventionjoinstatus' prometheus monitoring script and other scripts in UCS 5.0-5 revealed the LDAP plaintext password of the machine account in the process list allowing attackers with local ssh access to gain higher privileges and perform followup attacks. By default, the configuratio...

@amoy/animate (>=0.1.0 <=0.1.8), @amoy/query (>=0.1.1 <=0.4.3) +4 more potentially affected by CVE-2024-38994 via @amoy/common (=1.0.10)

@amoy/common NPM version =1.0.10 is affected by a known vulnerability. The following packages have a transitive dependency on @amoy/common and may be impacted: - @amoy/animate =0.1.0, =0.1.1, =1.0.0, =0.1.0, =1.0.1, =1.0.42 - react-webgl.js =0.0.1 Source cves: CVE-2024-38994 Source advisory:...

CVE-2024-38994

amoyjs amoy common v1.0.10 was discovered to contain a prototype pollution via the function extend. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

CVE-2023-38994

creationtimestamp| type| source ---|---|--- 2023-10-31 15:50:54+00:00| seen| https://t.me/cibsecurity/73222 2025-04-15 22:55:48+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11947...

CVE-2023-38994

The 'checkuniventionjoinstatus' prometheus monitoring script and other scripts in UCS 5.0-5 revealed the LDAP plaintext password of the machine account in the process list allowing attackers with local ssh access to gain higher privileges and perform followup attacks. By default, the configuratio...

CVE-2023-38994

CVE-2023-38994 affects Univention Corporate Server (UCS) 5.0-5. The issue stems from the check_univention_joinstatus Prometheus script (and similar scripts), which exposes the LDAP password of the machine account in the process list. This enables attackers with local SSH access to elevate privile...

CVE-2023-38994

The 'checkuniventionjoinstatus' prometheus monitoring script and other scripts in UCS 5.0-5 revealed the LDAP plaintext password of the machine account in the process list allowing attackers with local ssh access to gain higher privileges and perform followup attacks. By default, the configuratio...

CVE-2022-38994

creationtimestamp| type| source ---|---|--- 2022-09-16 22:35:03+00:00| seen| https://t.me/cibsecurity/49962...

CVE-2022-38994

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality...

CVE-2022-38994

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality...

CVE-2022-38994

Technical details about CVE-2022-38994 are not provided in the connected documents. Monitor for updates.

CVE-2021-38994

creationtimestamp| type| source ---|---|--- 2022-02-24 20:14:43+00:00| seen| https://t.me/cibsecurity/38032...

CVE-2021-38994

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 213072...

CVE-2021-38994

CVE-2021-38994 affects IBM AIX 7.1, 7.2, 7.3 and VIOS 3.1. The IBM Security Bulletin notes a kernel vulnerability exploitable by a non-privileged local user that can cause a denial of service. Affected filesets include bos.mp64 across TLs 7.1.5.x, 7.2.4.x, 7.2.5.x, and 7.3.0.x with corresponding ...

AIX : Multiple Vulnerabilities (IJ37012)

The version of AIX installed on the remote host is prior to APAR IJ37012. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ37012 advisory. - IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cau...

AIX : Multiple Vulnerabilities (IJ37501)

The version of AIX installed on the remote host is prior to APAR IJ37501. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ37501 advisory. - IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cau...