
1939 matches found

Github Security Blog
added 2020/09/01 8:33 p.m., 26 views

Malicious Package in react-server-native

Version 0.0.7 of react-server-native contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 0.0.7 of this module is found installed...

6.9 AI score
Exploits 0, References 2, Affected Software 1
OSV
added 2020/09/01 8:32 p.m., 9 views

GHSA-5645-GC7H-98H8 Malicious Package in react-dates-sc

Version 0.3.0 of react-dates-sc contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 0.3.0 of this module is found installed you...

7.1 AI score
Exploits 0, References 1
Github Security Blog
added 2020/09/01 8:31 p.m., 32 views

Malicious Package in rc-calendar-jhorst

Version 8.4.3 of rc-calendar-jhorst contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 8.4.3 of this module is found installed y...

6.9 AI score
Exploits 0, References 2, Affected Software 1
OSV
added 2020/09/01 8:26 p.m., 12 views

GHSA-9CQ4-MHMR-84GM Malicious Package in jasmin

Version 0.0.3 of jasmin contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 0.0.3 of this module is found installed you will want...

7.1 AI score
Exploits 0, References 1
Github Security Blog
added 2020/09/01 8:26 p.m., 30 views

Malicious Package in jasmin

Version 0.0.3 of jasmin contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 0.0.3 of this module is found installed you will want...

6.9 AI score
Exploits 0, References 2, Affected Software 1
Github Security Blog
added 2020/09/01 7:53 p.m., 20 views

Malicious Package in css_transform_step

Version 1.0.6 of css_transform_step contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 1.0.6 of this module is found installed you...

6.9 AI score
Exploits 0, References 2, Affected Software 1
OSV
added 2020/09/01 7:53 p.m., 5 views

GHSA-4RX9-58M7-GR8W Malicious Package in css_transform_step

Version 1.0.6 of css_transform_step contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 1.0.6 of this module is found installed you...

7.1 AI score
Exploits 0, References 1
OSV
added 2020/09/01 7:51 p.m., 13 views

GHSA-X9GM-QXHH-RF75 Malicious Package in cordova-plugin-china-picker

Version 1.0.910 of cordova-plugin-china-picker contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 1.0.910 of this module is foun...

9.8 CVSS, 7.1 AI score
Exploits 0, References 4
Github Security Blog
added 2020/09/01 7:50 p.m., 20 views

Malicious Package in coffee-project

Version 1.7.5 of coffee-project contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 1.7.5 of this module is found installed you...

6.9 AI score
Exploits 0, References 2, Affected Software 1
Github Security Blog
added 2020/09/01 7:47 p.m., 24 views

Malicious Package in awesome_react_utility

Version 1.0.2 of awesome_react_utility contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 1.0.2 of this module is found installed...

2.9 AI score
Exploits 0, References 3, Affected Software 1
OSV
added 2020/09/01 7:43 p.m., 11 views

GHSA-QMXF-FXQ7-W59F Malicious Package in angular-material-sidenav-rnd

Version 0.1.1 of angular-material-sidenav-rnd contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 0.1.1 of this module is found...

9.8 CVSS, 7.1 AI score
Exploits 0, References 4
NVD
added 2020/08/31 4:15 p.m., 12 views

CVE-2020-13470

Gigadevice GD32F103 and GD32F130 devices allow physical attackers to extract data via the probing of easily accessible bonding wires and de-obfuscation of the observed data...

4.6 CVSS, 4.7 AI score, 0.0038 EPSS
Exploits 1, References 1
Prion
added 2020/08/31 4:15 p.m., 15 views

Design/Logic Flaw

Gigadevice GD32F103 and GD32F130 devices allow physical attackers to extract data via the probing of easily accessible bonding wires and de-obfuscation of the observed data...

2.1 CVSS, 4.8 AI score, 0.0038 EPSS
Exploits 1, References 1
Cvelist
added 2020/08/31 3:33 p.m., 23 views

CVE-2020-13470

Gigadevice GD32F103 and GD32F130 devices allow physical attackers to extract data via the probing of easily accessible bonding wires and de-obfuscation of the observed data...

4.7 AI score, 0.0038 EPSS
Exploits 1, References 1
CVE
added 2020/08/31 3:33 p.m., 39 views

CVE-2020-13470

CVE-2020-13470 affects Gigadevice GD32F103 and GD32F130 microcontrollers. The root cause is physical access enabling probing of bonding wires to de-obfuscate and extract data, with potential high integrity impact and no public remediation details in the provided documents. Monitor for vendor advi...

4.6 CVSS, 4.7 AI score, 0.0038 EPSS
Exploits 1, References 1, Affected Software 1
Amazon
added 2020/08/31 12:0 a.m., 37 views

Medium: lynis

Issue Overview: In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. This license can be used to upload data to a central Lynis server. Although no data can be extracted by knowing the license key, it may be...

4.2 CVSS, 4.9 AI score, 0.00365 EPSS
Exploits 0
NVD
added 2020/08/26 4:15 p.m., 18 views

CVE-2020-15486

An issue was discovered on Dr Trust ECG Pen 2.00.08 devices. Because the Bluetooth LE support is implemented without a requirement for pairing or security, any attacker can access the GATT server of the device and can sniff the data being broadcasted while a measurement is being done. Also, saved...

6.5 CVSS, 6.5 AI score, 0.00508 EPSS
Exploits 0, References 1
Prion
added 2020/08/26 4:15 p.m., 16 views

Design/Logic Flaw

An issue was discovered on Dr Trust ECG Pen 2.00.08 devices. Because the Bluetooth LE support is implemented without a requirement for pairing or security, any attacker can access the GATT server of the device and can sniff the data being broadcasted while a measurement is being done. Also, saved...

3.3 CVSS, 6.5 AI score, 0.00508 EPSS
Exploits 0, References 1, Affected Software 1
Kitploit
added 2020/08/09 12:30 p.m., 113 views

Evine - Interactive CLI Web Crawler

Evine is a simple, fast, and interactive web crawler and web scraper written in Golang. Evine is useful for a wide range of purposes such as metadata and data extraction, data mining, reconnaissance and testing. Follow the project on Twitter. Install From Binary Pre-build binary releases are also...

7.4 AI score
Exploits 0, References 4
Hacker One
added 2020/07/27 2:4 a.m., 28 views

Mail.ru: tmgame.mail.ru - Blind sql injection

https://tmgame.mail.ru/action.php?xml=1&acode=comein&buildtype=all&bldID=selectfromselectsleep20a&bldlocID=8 bldID is the vulnerable GET parameter. Impact: Retrieval of data from the database...

6.9 AI score
Exploits 0