MAL-2022-3702 Malicious code in httpinfrastructure (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 34c25bae800f5d8e992b1fbda3daf30b45b483169d38d39cd5f87d0d3be3953c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in piwik-pro-angular-tracking (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 79068cbf8199cbc4c530a577a4934b5e4c0fa657f5c84ef801c777fd77150c36 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-2297 Malicious code in cxd-npm-releases (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 653b5a7e3454cc87a99ebf066a86cab23a1999ba37b0cb45700df4448ebeaeef Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-635 Malicious code in @texashealth/fetlife-assets (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4b70d7ed0d1d6f669632477dbdd002d99b4713dd4c71fecad9fc68b039fbe680 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in dcihaockmzqwwof (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 856d746b9921e3767ce1ed8cfe0745845585c173d0dea2daa14d06030cb9d12d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in colors-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ac04aef85013d9a618d3cdea01e11cc1bcdaaa2a5a49181947e3133c124b22e2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in platform-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad8e6207ec92f95f52f2c15bd6b5a38a760f599bab2eca8eacaf98df6ccfcf1d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in inv-cyber (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e90cb95f7d2d44890fb6be5925a997de1b87b2387d291d2918362152f1c83395 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-378 Malicious code in @kibt/weblogger (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 035a055f53a5761085351a9e6b15c91eb2005049497022de631fd5a382021333 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in axp-base (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 70a5f3aa5db3120296ea6ab090412c4520f66f6e1d1de1a451c12db3aeec6cc0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-2378 Malicious code in ddc-new-relic (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 724b8e2d9bbce93045922539d67f166495a0abac1fe3d410e5cea2ec861e82d9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Amazon Cosori Smart Code Execution Vulnerability

amazon COSORI Smart is a hardware device from amazon. Smart WiFi Air Fryer. A security vulnerability exists in Cosori Smart 5.8-Quart, which can be exploited by an attacker to gain full access to an application and compromise an affected system...

Google Chrome Resource Management Error Vulnerability (CNVD-2021-31246)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a resource management error vulnerability that can be exploited by remote attackers to compromise a vulnerable system...

F5 Networks BIG-IP : F5 TMUI XSS vulnerability (K66851119)

The version of F5 Networks BIG-IP installed on the remote host is prior to 11.6.5.3 / 12.1.5.3 / 13.1.3.6 / 14.1.4 / 15.1.2.1 / 16.0.1.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K66851119 advisory. - On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before...

CVE-2021-25140

A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager v1.20. The HPE Moonshot Provisioning Manager is an application that is installed in a VMWare or Microsoft Hyper-V environment that is used to setup and configure an HPE Moonshot 1500 chassis. This...

CVE-2020-5948

On BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the...

Exploit for Incorrect Resource Transfer Between Spheres in Linuxfoundation Containerd

ABSTRACT SHIMMER CVE-2020-15257 This repo contains proof-of...

Oracle VM VirtualBox (Oct 2020 CPU)

The version of Oracle VM VirtualBox installed on the remote host is affected by multiple vulnerabilities as referenced in the October 2020 CPU advisory, including the following: - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that i...

GHSA-4FQG-89CC-5PV5 Malicious Package in sj-labc

All versions of sj-labc contain malicious code. The package downloads and runs a script that opens a reverse shell in the system. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package in sj-tw-abc

All versions of sj-tw-abc contain malicious code. The package downloads and runs a script that opens a reverse shell in the system. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...