91 matches found
CVE-2026-24762
RustFS is a distributed object storage system built in Rust. From versions alpha.13 to alpha.81, RustFS logs sensitive credential material access key, secret key, session token to application logs at INFO level. This results in credentials being recorded in plaintext in log output, which may be...
CVE-2026-24762
RustFS is a distributed object storage system built in Rust. From versions alpha.13 to alpha.81, RustFS logs sensitive credential material access key, secret key, session token to application logs at INFO level. This results in credentials being recorded in plaintext in log output, which may be...
CVE-2026-24762
CVE-2026-24762 affects RustFS up to alpha.81, where the server logs sensitive credential material (access key, secret key, session token) at INFO level, causing plaintext credentials in logs accessible to log consumers and potentially leading to credential compromise. Root cause: logging ofSTS cr...
CVE-2026-24762 RustFS Logs Sensitive Credentials in Plaintext
RustFS is a distributed object storage system built in Rust. From versions alpha.13 to alpha.81, RustFS logs sensitive credential material access key, secret key, session token to application logs at INFO level. This results in credentials being recorded in plaintext in log output, which may be...
PT-2026-6208
Name of the Vulnerable Software and Affected Versions RustFS versions alpha.13 through alpha.81 Description RustFS logs sensitive credential material, including access key, secret key, and session token, to application logs at the INFO level. This results in credentials being recorded in plaintex...
Malicious code in billa-82 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ffa2448a408e1ed549ad371946707a41f41a692b0038032f2bf43dd2b1a619c0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in alvino-82 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb78191f516da449e4380f1eaff06929a5581e04a5bd08faf0f7f0decb914cfd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in rita-82 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f70b75453db92294197f17654561086eabab38cbe28f4c12af5a0faec22a1cae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-152444 Malicious code in alvino-82 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb78191f516da449e4380f1eaff06929a5581e04a5bd08faf0f7f0decb914cfd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cinta-82 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46f9ce953d4ff4fd7c969f8668ef56b1d82511de08bfcd0f487b32fc62d3bdc1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in bitha-82 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 154274a91b069be4b696df8d1432cb83ae13d8208ab3ca28641f51f3d10fa604 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in alvira-82 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4827d57ebb8edcc2c9b9f56f4fca6ed1d304b655e99e9c4bc8134a03a49cd249 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-154116 Malicious code in cinta-82 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46f9ce953d4ff4fd7c969f8668ef56b1d82511de08bfcd0f487b32fc62d3bdc1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-74695
Malicious code in encouragingiguanacoral-82 npm...
EUVD-2025-74807
Malicious code in complicatedduckgreen-82 npm...
EUVD-2025-77570
Malicious code in meaningfulraccoonsapphire-82 npm...
Mozilla Firefox ESR < 115.29
The version of Firefox ESR installed on the remote Windows host is prior to 115.29. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-82 advisory. - Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and...
EUVD-2020-7669
Malware in sbrugna...
EUVD-2018-0997
Malware in sbrugna...
CVE-2025-34036
An OS command injection vulnerability exists in white-labeled DVRs manufactured by TVT, affecting a custom HTTP service called "Cross Web Server" that listens on TCP ports 81 and 82. The web interface fails to sanitize input in the URI path passed to the language extraction functionality. When th...