MAL-2025-8808 Malicious code in @malware-test-neeze-halma-arere-towny/test-mlw3-neeze-halma-arere-towny (npm)

The package @malware-test-neeze-halma-arere-towny/test-mlw3-neeze-halma-arere-towny was found to contain malicious code...

CVE-2025-8808

A vulnerability was found in xujeff tianti 天梯 up to 2.3. It has been rated as problematic. This issue affects the function exportOrder of the file /tianti-module-admin/user/ajax/save of the component com.jeff.tianti.controller. The manipulation leads to csv injection. The attack may be initiated...

CVE-2025-8808

creationtimestamp| type| source ---|---|--- 2025-08-10 15:11:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lw2kwuuohv2p...

CVE-2025-8808 xujeff tianti 天梯 com.jeff.tianti.controller save exportOrder csv injection

A vulnerability was found in xujeff tianti 天梯 up to 2.3. It has been rated as problematic. This issue affects the function exportOrder of the file /tianti-module-admin/user/ajax/save of the component com.jeff.tianti.controller. The manipulation leads to csv injection. The attack may be initiated...

CVE-2025-8808

CVE-2025-8808 affects xujeff tianti 天梯 up to 2.3. The vulnerability is in the exportOrder function of /tianti-module-admin/user/ajax/save within com.jeff.tianti.controller, enabling CSV injection. Exploitation appears possible remotely and public disclosures exist. Multiple connected sources conf...

CVE-2019-8808

creationtimestamp| type| source ---|---|--- 2024-01-31 07:08:26+00:00| seen| https://t.me/ctinow/176508 2024-01-31 09:11:48+00:00| seen| https://t.me/ctinow/176569 2024-01-31 10:11:25+00:00| seen| https://t.me/ctinow/176608 2024-01-31 12:06:35+00:00| seen| https://t.me/ctinow/176679 2024-02-01...

Debian: Security Advisory (DLA-484-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : webkit2gtk3 (SUSE-SU-2022:0183-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0183-1 advisory. - An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted we...

SUSE: Security Advisory (SUSE-SU-2020:1135-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : webkitgtk4 on SL7.x x86_64 (20201001)

Security Fixes : - webkitgtk: Multiple security issues CVE-2019-6237, CVE-2019-6251, CVE-2019-8506, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587,...

CVE-2020-8808

creationtimestamp| type| source ---|---|--- 2020-02-12 13:07:44+00:00| published-proof-of-concept| https://t.me/truesecator/151...

CVE-2020-8808

The CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers in CORSAIR iCUE before 3.25.60 allow local non-privileged users including low-integrity level processes to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, via a function call...

CVE-2020-8808

The CVE concerns CORSAIR iCUE’s CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers. In versions prior to 3.25.60, local non-privileged users (including low-integrity processes) could read and write arbitrary physical memory via MmMapIoSpace, enabling elevation to NT AUTHORITY\SYSTEM. This vu...

CVE-2019-8808

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution...

CVE-2019-8808

CVE-2019-8808 refers to memory corruption issues in WebKit-related components that could allow arbitrary code execution when processing malicious web content. Publicly documented fixes target Apple platforms: iOS/iPadOS 13.2, watchOS 6.1, tvOS 13.2, Safari 13.0.3, and iTunes for Windows 12.10.2; ...

openSUSE Security Update : webkit2gtk3 (openSUSE-2019-2587)

This update for webkit2gtk3 to version 2.26.2 fixes the following issues : Webkit2gtk3 was updated to version 2.26.2 WSA-2019-0005 and WSA-2019-0006, bsc1155321 bsc1156318 Security issues addressed : - CVE-2019-8625: Fixed a logic issue where by processing maliciously crafted web content may lead...

openSUSE Security Update : webkit2gtk3 (openSUSE-2019-2591)

This update for webkit2gtk3 to version 2.26.2 fixes the following issues : Webkit2gtk3 was updated to version 2.26.2 WSA-2019-0005 and WSA-2019-0006, bsc1155321 bsc1156318 Security issues addressed : - CVE-2019-8625: Fixed a logic issue where by processing maliciously crafted web content may lead...

SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2019:3044-1)

This update for webkit2gtk3 to version 2.26.2 fixes the following issues : Webkit2gtk3 was updated to version 2.26.2 WSA-2019-0005 and WSA-2019-0006, bsc1155321 bsc1156318 Security issues addressed : CVE-2019-8625: Fixed a logic issue where by processing maliciously crafted web content may lead t...

CVE-2018-8808

In radare2 2.4.0, there is a heap-based buffer over-read in the rasmdisassemble function of asm.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file...

CVE-2018-8808

In radare2 2.4.0, there is a heap-based buffer over-read in the rasmdisassemble function of asm.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file...