7661 matches found
MAL-2025-49116 Malicious code in epic-analytics-worker (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 001f66bdd59090dfeb452f1f9050ac62587a91713d8d4c2a7a3ec06a5e45abb7 The package epic-analytics-worker was found to contain malicious code...
Malicious code in epic-analytics-worker (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 001f66bdd59090dfeb452f1f9050ac62587a91713d8d4c2a7a3ec06a5e45abb7 The package epic-analytics-worker was found to contain malicious code...
EUVD-2025-36877
Drupal Umami Analytics allows Cross-Site Scripting XSS...
GHSA-JXP8-4JW5-5XJC Drupal Umami Analytics allows Cross-Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Umami Analytics allows Cross-Site Scripting XSS. This issue affects Umami Analytics: from 0.0.0 before 1.0.1...
Drupal Umami Analytics allows Cross-Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Umami Analytics allows Cross-Site Scripting XSS. This issue affects Umami Analytics: from 0.0.0 before 1.0.1...
CVE-2025-10931
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Umami Analytics allows Cross-Site Scripting XSS.This issue affects Umami Analytics: from 0.0.0 before 1.0.1...
CVE-2025-10931
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Umami Analytics allows Cross-Site Scripting XSS.This issue affects Umami Analytics: from 0.0.0 before 1.0.1...
Drupal Umami Analytics 安全漏洞
Drupal Umami Analytics is a web statistics plugin for the Drupal community. A security vulnerability exists in Drupal Umami Analytics versions prior to 1.0.1, which stems from improper input neutralization during page generation and could lead to a cross-site scripting attack...
CVE-2025-10931
CVE-2025-10931 corresponds to a Cross-Site Scripting (XSS) vulnerability in Drupal Umami Analytics. The connected sources confirm the flaw arises from improper neutralization of input during web page generation and affects Umami Analytics versions prior to 1.0.1 (e.g., 0.0.0 up to before 1.0.1). ...
CVE-2025-10931 Umami Analytics - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-109
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Umami Analytics allows Cross-Site Scripting XSS.This issue affects Umami Analytics: from 0.0.0 before 1.0.1...
CVE-2025-10931 Umami Analytics - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-109
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Umami Analytics allows Cross-Site Scripting XSS.This issue affects Umami Analytics: from 0.0.0 before 1.0.1...
AAGATE: A NIST AI RMF-Aligned Governance Platform for Agentic AI
This paper introduces the Agentic AI Governance Assurance & Trust Engine AAGATE, a Kubernetes-native control plane designed to address the unique security and governance challenges posed by autonomous, language-model-driven agents in production. Recognizing the limitations of traditional...
PT-2025-44359
Name of the Vulnerable Software and Affected Versions Drupal Umami Analytics versions prior to 1.0.1 Description A flaw exists in Drupal Umami Analytics that allows for Cross-Site Scripting XSS. This issue arises from improper neutralization of input during web page generation. The vulnerability...
Security Bulletin: There is a vulnerability in the IBM Maximo Manage application in IBM Maximo Application Suite for Cognos Analytics
Summary There is a vulnerability in the IBM Maximo Manage application in IBM Maximo Application Suite, when used with stand alone Cognos Analytics, where MXCSP is used for integration. A remote attacker could bypass authentication mechanisms and gain unauthorized access to Cognos Analytics...
CVE-2025-36386 There is a vulnerability in the IBM Maximo Manage application in IBM Maximo Application Suite for Cognos Analytics
IBM Maximo Application Suite 9.0.0 through 9.0.15 and 9.1.0 through 9.1.4 could allow a remote attacker to bypass authentication mechanisms and gain unauthorized access to the application...
CVE-2025-36386
CVE-2025-36386 affects IBM Maximo Application Suite: MAS Manage component versions 9.0.0–9.0.15 and 9.1.0–9.1.4, where a flaw in MXCSP integration with Cognos Analytics allows a remote attacker to bypass authentication and gain full access. The vulnerability is linked to authentication bypass by ...
CVE-2025-36386 There is a vulnerability in the IBM Maximo Manage application in IBM Maximo Application Suite for Cognos Analytics
IBM Maximo Application Suite 9.0.0 through 9.0.15 and 9.1.0 through 9.1.4 could allow a remote attacker to bypass authentication mechanisms and gain unauthorized access to the application...
Malicious Package
Overview deere-ui-analytics-events is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
PT-2025-44191
Name of the Vulnerable Software and Affected Versions IBM Maximo Application Suite versions 9.0.0 through 9.0.15 and 9.1.0 through 9.1.4 Description The software contains a flaw that allows a remote attacker to bypass authentication mechanisms and gain unauthorized access to the application...
cybersec-ids
cybersec-ids Full-stack AI-driven Web App Intrusion Detection...