aldryn-django (=4.2.10.0), am-report (=0.1.5) +80 more potentially affected by CVE-2024-41990 via django (>=4.2.0 <=4.2.14)

django PYPI version =4.2.0, =7.5.1, =0.0.1, =0.4.0, =5.2.0, =0.5.1, =0.12.2, =3.1.0, =7.2.2, =39.1.0, =39.1.4 and more Source cves: CVE-2024-41990 Source advisory: OSV:PYSEC-2024-68...

Malicious code in cx-api-client-lite (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 315d3186e692fd6934de0d66c25255e03eb763a15daa0785e92e58a2abbbba60 The OpenSSF Package Analysis project identified 'cx-api-client-lite' @ 200.0.1 npm as malicious. It is considered malicious because: - The packa...

aldryn-django (=4.2.10.0), am-report (=0.1.5) +80 more potentially affected by CVE-2024-38875 via django (>=4.2.0 <=4.2.13)

django PYPI version =4.2.0, =7.5.1, =0.0.1, =0.4.0, =5.2.0, =0.5.1, =0.12.2, =3.1.0, =7.2.2, =39.1.0, =39.1.4 and more Source cves: CVE-2024-38875 Source advisory: OSV:PYSEC-2024-56...

MAL-2024-6620 Malicious code in api-client_builder (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in api-client_builder (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-6618 Malicious code in apache-sling_api_client (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-6616 Malicious code in apache-felix_api_client (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in VRCһаt.API.Client (NuGet)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-1402 Malicious code in wdio-api-client (npm)

This package is considered malicious because it communicates with a domain associated with malicious activity and the package executes one or more commands associated with malicious behavior...

Malicious code in wdio-api-client (npm)

This package is considered malicious because it communicates with a domain associated with malicious activity and the package executes one or more commands associated with malicious behavior...

CVE-2024-35219

OpenAPI Generator allows generation of API client libraries SDK generation, server stubs, documentation and configuration automatically given an OpenAPI Spec. Prior to version 7.6.0, attackers can exploit a path traversal vulnerability to read and delete files and folders from an arbitrary,...

CVE-2024-35219 OpenAPI Generator Online - Arbitrary File Read/Delete

OpenAPI Generator allows generation of API client libraries SDK generation, server stubs, documentation and configuration automatically given an OpenAPI Spec. Prior to version 7.6.0, attackers can exploit a path traversal vulnerability to read and delete files and folders from an arbitrary,...

CVE-2024-35219 OpenAPI Generator Online - Arbitrary File Read/Delete

OpenAPI Generator allows generation of API client libraries SDK generation, server stubs, documentation and configuration automatically given an OpenAPI Spec. Prior to version 7.6.0, attackers can exploit a path traversal vulnerability to read and delete files and folders from an arbitrary,...

CVE-2024-35219

OpenAPI Generator (OpenAPI Tools) before version 7.6.0 is vulnerable to path traversal via the outputFolder option, allowing an attacker to read and delete files in arbitrary writable directories. The known impacted range is

PT-2024-21307 · Fujian Kelixin · Fujian Kelixin Communication Command/Dispatch Platform

Name of the Vulnerable Software and Affected Versions: Fujian Kelixin Communication Command and Dispatch Platform versions up to 20240318 Description: A critical issue has been found in the Fujian Kelixin Communication Command and Dispatch Platform, affecting an unknown functionality of the file...

Malicious code in ent-profile-api-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f9c39ae8dadaf1b8ac82e8e1f7b312d04c58cb2a208ba535221cae3bac7ae787 The OpenSSF Package Analysis project identified 'ent-profile-api-client' @ 9.3.1 npm as malicious. It is considered malicious because: - The...

MAL-2024-1026 Malicious code in ent-profile-api-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f9c39ae8dadaf1b8ac82e8e1f7b312d04c58cb2a208ba535221cae3bac7ae787 The OpenSSF Package Analysis project identified 'ent-profile-api-client' @ 9.3.1 npm as malicious. It is considered malicious because: - The...

PyDrive2 代码问题漏洞

PyDrive2 is Iterative open source a google-api-python-client wrapper library . PyDrive2 has a deserialization command execution vulnerability that can be exploited by an attacker to execute arbitrary commands...

MAL-2023-8446 Malicious code in airslate-api-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a38e9b5638e56d7f1a1fb5d3d5d396fc0a8aee158c609b74bce384f3a4d79cd5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in airslate-api-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a38e9b5638e56d7f1a1fb5d3d5d396fc0a8aee158c609b74bce384f3a4d79cd5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...