203 matches found
pyload - Log Injection
A log injection vulnerability was identified in pyload. This vulnerability allows any unauthenticated actor to inject arbitrary messages into the logs gathered by pyload. id: CVE-2024-21645 info: name: pyload - Log Injection author: isacaya severity: medium description: | A log injection...
Symfony Profiler - Remote Access via Injected Arguments
symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the registerargvargc php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment or debug mode used by...
Oracle WebLogic Server - Remote Command Execution
The Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Web Services allows unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic Server. Versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. id: CVE-2019-2725 info: name: Oracle WebLogic...
MiracleLinux 3 : mailman-2.1.11-3.4.AXS3 (AXSA:2011-74:01)
The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2011-74:01 advisory. Mailman is software to help manage email discussion lists, much like Majordomo and Smartmail. Unlike most similar products, Mailman gives each mailing...
PT-2025-47351
Name of the Vulnerable Software and Affected Versions Fortinet FortiClientWindows versions 7.2.0 through 7.2.8 Fortinet FortiClientWindows versions 7.4.0 through 7.4.3 Description A heap-based buffer overflow exists in Fortinet FortiClientWindows. A local IPSec user with authentication may be abl...
MAL-2025-152517 Malicious code in alvira-74 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f16e035f04a9cdd4a0d5ca934a95813d2274c502867c90bb258bb5086392137 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in bitha-74 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d1046b9de4d31c766b9a2d6b1c53bada4175dd30379edf0df6c9c0beeb8d263 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in aril-74 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40522af1fe2291d513bedcc3c0b800cbe87944eb3efb515dc8d18d6771f3c7e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-154107 Malicious code in cinta-74 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0446c002c7e10776786fa52abe1c691ae8dafc65d9ae1a4626ff292c0c64a61 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-164949 Malicious code in rita-74 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f641631436c260a4922ad22d5d63f36930dbfe8a2dc0186df86feaaaf00a8343 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in billa-74 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85b80ff63d669f5830affad471d861ade73e6f5990ad1aee51ae5d6f6e554c85 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in rita-74 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f641631436c260a4922ad22d5d63f36930dbfe8a2dc0186df86feaaaf00a8343 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in kentung-74 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fda81f924f941dc278f3d94b1a5e567d0801f31d27a5bdd6288016e2f56f6db4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-74584
Malicious code in harshroundwormivory-74 npm...
EUVD-2025-74555
Malicious code in idealcrocodileblue-74 npm...
EUVD-2025-74688
Malicious code in estimatedviperolive-74 npm...
EUVD-2025-74622
Malicious code in furiouswrencopper-74 npm...
MAL-2025-112010 Malicious code in inclined_possum_salmon-74 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd467acc34f3caacae55a820c94ec51f73d72b684d7bf2cb990c23d3eb59e4e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-71773
Malicious code in wolfemerald-74-tisubasah npm...
EUVD-2020-28614
Malware in sbrugna...