806 matches found
MAL-2025-27650 Malicious code in node-red-contrib-xmlc14n (npm)
The package node-red-contrib-xmlc14n was found to contain malicious code...
Malicious code in node-red-contrib-ys7 (npm)
The package node-red-contrib-ys7 was found to contain malicious code...
Malicious code in @zalastax/nolb-node-red-contrib-b (npm)
The package @zalastax/nolb-node-red-contrib-b was found to contain malicious code...
Malicious code in node-red-contrib-wotkit (npm)
The package node-red-contrib-wotkit was found to contain malicious code...
Malicious code in @zalastax/nolb-node-red-contrib-4 (npm)
The package @zalastax/nolb-node-red-contrib-4 was found to contain malicious code...
Malicious code in @zalastax/nolb-node-red-contrib-i (npm)
The package @zalastax/nolb-node-red-contrib-i was found to contain malicious code...
Malicious code in node-red-contrib-xmlc14n (npm)
The package node-red-contrib-xmlc14n was found to contain malicious code...
MAL-2025-27646 Malicious code in node-red-contrib-storfly-iot-hp (npm)
The package node-red-contrib-storfly-iot-hp was found to contain malicious code...
MAL-2025-31914 Malicious code in red-contrib-enable-gps (npm)
The package red-contrib-enable-gps was found to contain malicious code...
Malicious code in @zalastax/nolb-node-red-contrib-e (npm)
The package @zalastax/nolb-node-red-contrib-e was found to contain malicious code...
MAL-2025-12677 Malicious code in @zalastax/nolb-node-red-contrib-k (npm)
The package @zalastax/nolb-node-red-contrib-k was found to contain malicious code...
MAL-2025-12667 Malicious code in @zalastax/nolb-node-red-contrib-a (npm)
The package @zalastax/nolb-node-red-contrib-a was found to contain malicious code...
MAL-2025-12664 Malicious code in @zalastax/nolb-node-red-contrib-2 (npm)
The package @zalastax/nolb-node-red-contrib-2 was found to contain malicious code...
MAL-2025-12670 Malicious code in @zalastax/nolb-node-red-contrib-d (npm)
The package @zalastax/nolb-node-red-contrib-d was found to contain malicious code...
Malicious code in red-contrib-enable-gps (npm)
The package red-contrib-enable-gps was found to contain malicious code...
XWiki Contrib Mocca Calendar Application 跨站脚本漏洞
XWiki Contrib Mocca Calendar Application is an open source XWiki plugin for XWiki Contrib. A cross-site scripting vulnerability exists in XWiki Contrib Mocca Calendar Application versions prior to 2.15, which stems from cross-site scripting in the calendar import header...
XWiki Contrib Mocca Calendar Application 跨站脚本漏洞
XWiki Contrib Mocca Calendar Application is an open source XWiki plugin for XWiki Contrib. A cross-site scripting vulnerability exists in XWiki Contrib Mocca Calendar Application versions prior to 2.15, which stems from cross-site scripting in the title of the View Events page...
CVE-2025-6675 Enterprise MFA - TFA for Drupal - Critical - Access bypass - SA-CONTRIB-2025-082
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.8.0, from 5.2.0 before 5.2.1, from 0.0.0 before 5.0., from 0.0.0 before 5.1...
CVE-2021-25864
node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file...
CVE-2025-47701 Restrict route by IP - Critical - Cross Site Request Forgery - SA-CONTRIB-2025-047
Cross-Site Request Forgery CSRF vulnerability in Drupal Restrict route by IP allows Cross Site Request Forgery.This issue affects Restrict route by IP: from 0.0.0 before 1.3.0...