161 matches found
CVE-2026-27822
RustFS is a distributed object storage system built in Rust. Prior to version 1.0.0-alpha.83, a Stored Cross-Site Scripting XSS vulnerability in the RustFS Console allows an attacker to execute arbitrary JavaScript in the context of the management console. By bypassing the PDF preview logic, an...
EUVD-2026-8590
Rust has Critical Stored XSS in Preview Modal, leading to Administrative Account Takeover...
CVE-2026-27822
RustFS is a distributed object storage system built in Rust. Prior to version 1.0.0-alpha.83, a Stored Cross-Site Scripting XSS vulnerability in the RustFS Console allows an attacker to execute arbitrary JavaScript in the context of the management console. By bypassing the PDF preview logic, an...
CVE-2026-27822
RustFS is a distributed object storage system built in Rust. Prior to version 1.0.0-alpha.83, a Stored Cross-Site Scripting XSS vulnerability in the RustFS Console allows an attacker to execute arbitrary JavaScript in the context of the management console. By bypassing the PDF preview logic, an...
PT-2026-21835
Name of the Vulnerable Software and Affected Versions RustFS versions 1.0.0-alpha.56 through 1.0.0-alpha.82 Description RustFS does not properly validate policy conditions during presigned POST uploads PostObject. This allows bypassing content-length-range, starts-with, and Content-Type...
MiracleLinux 3 : mysql-5.0.95-5.0.1.AXS3 (AXSA:2013-83:02)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-83:02 advisory. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many...
MiracleLinux 8 : kernel-4.18.0-553.80.1.el8_10 (AXSA:2025-10994:83)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10994:83 advisory. kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors CVE-2025-39757 kernel: ALSA: hda/ca0132: Fix buffer overflow in addtuningcontrol...
Mozilla Firefox < 40.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 40.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2015-83 advisory. - crash in @ stagefright::SampleTable::isValid with h264 mp4CVE-2015-4480 CVE-2015-4480 - MPEG4 saio Chunk...
Mozilla Firefox < 48.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 48.0. It is, therefore, affected by a vulnerability as referenced in the mfsa2016-83 advisory. - bypass FireFox Secure Connection Failed prompt to whitelist any site but doesn't workCVE-2016-5268 CVE-2016-5268 Note...
Mozilla Firefox ESR < 38.2
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 38.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2015-83 advisory. - crash in @ stagefright::SampleTable::isValid with h264 mp4CVE-2015-4480 CVE-2015-4480 - MPEG4 saio Chunk...
Malicious code in alvino-83 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 805dd12afc922300028b396fe686539eeb8aa4e9093dabf7baba2876fbfce846 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-153884 Malicious code in bitha-83 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c3ea2953344622b71797141df795d669aadf17445e64f93ecce9701d21ecd6b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in bitha-83 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c3ea2953344622b71797141df795d669aadf17445e64f93ecce9701d21ecd6b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in rita-83 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e86b0e5382ad7b5d4ef9ecfa9056a7c75c97e35172743c43bafa6e2296b16406 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-152445 Malicious code in alvino-83 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 805dd12afc922300028b396fe686539eeb8aa4e9093dabf7baba2876fbfce846 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cinta-83 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac725d6872d30010b4af526b9d60f0f585e3cdd09e6fd41e35b05081dbf6d1a6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-74207
Malicious code in splendidspiderviolet-83 npm...
EUVD-2025-74655
Malicious code in fewoxfuchsia-83 npm...
EUVD-2025-74299
Malicious code in renewedporcupinegreen-83 npm...
EUVD-2025-74784
Malicious code in costlyswordtailolive-83 npm...