MAL-2025-102537 Malicious code in fajar-soto88-ruro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6c9ff83b8789a3dd38b8fe62df7b60bef13801883f8257d359aa43899e32b80 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-94537 Malicious code in flat_badger_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf6a490d05df3b5a9b8fe448e8f55b0054b69128eaa412c500e2d4940213900f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ade-menjes97-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 682e37192de8bd4f19c780b207d10af919dcd4ad6bf274901f81d1e0ae6c950e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

AXIS OS 安全漏洞

AXIS OS is an edge device operating system from Axis Sweden. AXIS OS has a security vulnerability that stems from insufficient validation of ACAP configuration file inputs, which could lead to path traversal attacks and elevation of privilege...

CVE-2025-64321

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...

PT-2025-45389

Name of the Vulnerable Software and Affected Versions affected versions not specified Description A flaw exists due to inadequate input sanitization when processing configuration files. An attacker can upload a crafted configuration file to cause a denial-of-service condition, traverse directorie...

Lexmark Printers Path Traversal (CVE-2021-44737)

PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

CVE-2025-64322

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...

CVE-2025-64319

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Mulesoft Anypoint Code Builder allows Manipulating Writeable Configuration Files.This issue affects Mulesoft Anypoint Code Builder: before 1.12.1...

CVE-2025-64321

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...

CVE-2025-64318

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Mulesoft Anypoint Code Builder allows Manipulating Writeable Configuration Files.This issue affects Mulesoft Anypoint Code Builder: before 1.12.1...

CVE-2025-64321

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...

CVE-2025-64322

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...

CVE-2025-64322

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...

CVE-2025-64322

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...

CVE-2025-64322

CVE-2025-64322 affects Salesforce Agentforce Vibes Extension. The vulnerability is described as an incorrect permission assignment for a critical resource that allows manipulation of writable configuration files. Impact is limited to extensions before affected versions (per sources: before 3.3.0;...

CVE-2025-64319

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Mulesoft Anypoint Code Builder allows Manipulating Writeable Configuration Files.This issue affects Mulesoft Anypoint Code Builder: before 1.12.1...

CVE-2025-64318

The issue CVE-2025-64318 affects Salesforce Mulesoft Anypoint Code Builder (before 1.12.1). The vulnerability is described as improper neutralization of input used for LLM prompting, enabling manipulation of writable configuration files. The available data indicate an impact on integrity (partial...

Salesforce Mulesoft Anypoint Code Builder 安全漏洞

Salesforce Mulesoft Anypoint Code Builder is an integrated development environment from US-based Salesforce, Inc. A security vulnerability exists in Salesforce Mulesoft Anypoint Code Builder versions prior to 1.11.6, which stems from improper assignment of critical resource permissions and could...

PT-2025-45032

Name of the Vulnerable Software and Affected Versions Mulesoft Anypoint Code Builder versions prior to 1.11.6 Description An issue exists in Salesforce Mulesoft Anypoint Code Builder related to incorrect permission assignment for a critical resource, allowing manipulation of writeable configurati...