Lucene search
K

219 matches found

OSV
OSV
added 2025/04/25 8:32 p.m.4 views

MAL-2025-3399 Malicious code in freo-design-system (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8745e789b7b101fb7ede2f6f26567a39b6ec9522c2f6cad7f182098661442ced The OpenSSF Package Analysis project identified 'freo-design-system' @ 1.0.4 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/04/25 8:32 p.m.3 views

Malicious code in freo-design-system (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8745e789b7b101fb7ede2f6f26567a39b6ec9522c2f6cad7f182098661442ced The OpenSSF Package Analysis project identified 'freo-design-system' @ 1.0.4 npm as malicious. It is considered malicious because: - The package...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/04/23 4:3 p.m.2 views

Malicious code in tesla-design-system (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2025/04/23 4:3 p.m.2 views

MAL-2025-3419 Malicious code in tesla-design-system (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSV
OSV
added 2025/03/17 3:26 a.m.4 views

MAL-2025-2475 Malicious code in snap-design-system-marketing (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 41a0edf987afa7aec8736b2683c5bb597fe53fcddad3dddbc3ea1074e252e8b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
Akamai Blog
Akamai Blog
added 2025/03/10 10:20 a.m.3 views

Behind the Scenes: Introducing the Akamai Design System

We recently made some design changes to our UI to improve the user experience. Lead Senior Software Engineer Jaalah Ramos expands on the “why” in this Q&A...

7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/03/05 12:0 a.m.4 views

The vulnerability of Intel Quartus Prime’s automated design system lies in its uncontrolled search path, which allows attackers to escalate their privileges.

The vulnerability of Intel Quartus Prime’s automated design system is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...

6.7CVSS5.5AI score0.00174EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/03/03 7:3 a.m.5 views

Malicious code in snap-design-system-icons (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bad4c0b89835a8fe7ca332902590a3ace5d2889d12e2d3cde10ee5dc5c695d54 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2025/03/03 7:3 a.m.7 views

MAL-2025-1670 Malicious code in snap-design-system-icons (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bad4c0b89835a8fe7ca332902590a3ace5d2889d12e2d3cde10ee5dc5c695d54 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/02/03 8:16 a.m.5 views

Malicious code in launchpad-design-system (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7e634713ebf6a8dfa6716324301d5ae77fb7e1081cc18e12d85dc9a2cce5d85a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/02/03 8:16 a.m.4 views

MAL-2025-1140 Malicious code in launchpad-design-system (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7e634713ebf6a8dfa6716324301d5ae77fb7e1081cc18e12d85dc9a2cce5d85a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
CNVD
CNVD
added 2024/12/13 12:0 a.m.5 views

IBM Carbon Design System Cross-Site Scripting Vulnerability

IBM Carbon Design System is a design system for building user interfaces. A cross-site scripting vulnerability exists in IBM Carbon Design System. The vulnerability stems from insufficient validation of user input. An attacker can exploit the vulnerability to embed arbitrary JavaScript code in th...

5.4CVSS6AI score0.00223EPSS
Exploits0References1
NVD
NVD
added 2024/12/10 2:30 p.m.28 views

CVE-2024-47117

IBM Carbon Design System Carbon Charts 0.4.0 through 1.13.16 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

5.4CVSS0.00223EPSS
Exploits0References1
CVE
CVE
added 2024/12/10 1:49 p.m.57 views

CVE-2024-47117

The CVE-2024-47117 entry concerns IBM Carbon Design System (Carbon Charts) with versions 0.4.0–1.13.16 affected by cross-site scripting. The root cause is improper handling/sanitization of user-provided HTML, enabling an authenticated user to embed arbitrary JavaScript in the Web UI, potentially ...

5.4CVSS5.2AI score0.00223EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/12/10 1:49 p.m.8 views

CVE-2024-47117 IBM Carbon Design System cross-site scripting

IBM Carbon Design System Carbon Charts 0.4.0 through 1.13.16 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

5.4CVSS6.4AI score0.00223EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/10 1:49 p.m.17 views

CVE-2024-47117 IBM Carbon Design System cross-site scripting

IBM Carbon Design System Carbon Charts 0.4.0 through 1.13.16 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

5.4CVSS0.00223EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/10 12:0 a.m.4 views

IBM Carbon Design System 跨站脚本漏洞

IBM Carbon Design System is a design system for building user interfaces. A cross-site scripting vulnerability exists in IBM Carbon Design System. The vulnerability stems from insufficient validation of user input. An attacker can exploit the vulnerability to embed arbitrary JavaScript code in th...

5.4CVSS6.1AI score0.00223EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/12/09 6:49 p.m.10 views

Security Bulletin: "Carbon Charts" is vulnerable to Cross-site Scripting due to Improper Neutralization of Input During Web Page Generation (CWE-79)

Summary The issue arises from the library not sanitizing custom HTML provided by developers, allowing potentially harmful scripts to be executed in the user's browser when interacting with the chart. Vulnerability Details CVEID:CVE-2024-47117 DESCRIPTION: IBM Carbon Design System is vulnerable to...

5.4CVSS5.8AI score0.00223EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2024/11/29 4:3 p.m.9 views

@10play/tentap-editor (>=0.5.27 <=0.7.5-alpha.0), @adminjs/design-system (>=3.0.0 <=4.0.3) +131 more potentially affected by CVE-2025-14284 via @tiptap/extension-link (>=2.0.0-beta.18 <=2.10.3)

@tiptap/extension-link NPM version =2.0.0-beta.18, =0.5.27, =3.0.0, =0.4.1, =3.0.0-alpha.1, =0.0.1, =0.2.1, =0.2.0, =0.1.0, =0.28.0, =3.4.0, =1.2.0, =0.0.3, =0.4.1 and more Source cves: CVE-2025-14284 Source advisory: SNYK:JS-TIPTAPEXTENSIONLINK-14222197...

6.1CVSS5.4AI score0.00302EPSS
Exploits1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/10/30 3:40 p.m.4 views

Malicious code in @cb-global-design-system-tokens/tailwind (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8f263b2c460c81b4e6f61cc1ce72351cf2f0b2d9ff3b745181715ca4296e22e2 The OpenSSF Package Analysis project identified '@cb-global-design-system-tokens/tailwind' @ 1.0.21 npm as malicious. It is considered malicious...

7.1AI score
Exploits0
Rows per page
Query Builder