218 matches found
Malicious Package
Overview pluxee-design-system is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2025-200008
Malicious code in pluxee-design-system npm...
Malicious code in pluxee-design-system (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 701f52cd229baaf8a44c372915a6bdbcc5510c156fb75c21d23c932d51ccde2f The package pluxee-design-system was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191502 Malicious code in pluxee-design-system (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 701f52cd229baaf8a44c372915a6bdbcc5510c156fb75c21d23c932d51ccde2f The package pluxee-design-system was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199307
Malicious code in @ifings/design-system npm...
MAL-2025-191236 Malicious code in @ifings/design-system (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8a2d458b22985eaf37f768018a4359ed4e32182c1c21f0f204e440b8f37772f The package @ifings/design-system was found to contain malicious code. Source: ghsa-malware...
@antonyfaris/prefix-node-builtins (>=1.0.0 <=1.0.1), @anyauth/design-system (>=0.5.0 <=0.5.1) +18 more potentially affected by CVE-2025-64764 via astro (>=5.0.0-beta.5 <=5.15.6)
astro NPM version =5.0.0-beta.5, =1.0.0, =0.5.0, =0.0.1, =0.1.0, =0.0.1, =2.18.7, =0.1.2-alpha.1, =0.0.28, =0.0.28, =1.13.2, =0.1.8, =1.0.21, =1.0.22 and more Source cves: CVE-2025-64764 Source advisory: SNYK:JS-ASTRO-14059122...
CVE-2025-12082
Incorrect Authorization vulnerability in Drupal CivicTheme Design System allows Forceful Browsing.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...
CVE-2025-12083
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting XSS.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...
EUVD-2025-36873
Drupal CivicTheme Design System allows Cross-Site Scripting XSS...
GHSA-H72Q-CQ3W-H3WC Drupal CivicTheme Design System allows Cross-Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting XSS. This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...
Drupal CivicTheme Design System allows Cross-Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting XSS. This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...
EUVD-2025-36874
Drupal CivicTheme Design System allows Forceful Browsing...
Drupal CivicTheme Design System allows Forceful Browsing
Incorrect Authorization vulnerability in Drupal CivicTheme Design System allows Forceful Browsing. This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...
GHSA-QXR9-F877-9842 Drupal CivicTheme Design System allows Forceful Browsing
Incorrect Authorization vulnerability in Drupal CivicTheme Design System allows Forceful Browsing. This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...
CVE-2025-12082
Incorrect Authorization vulnerability in Drupal CivicTheme Design System allows Forceful Browsing.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...
CVE-2025-12083
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting XSS.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...
CVE-2025-12082
Incorrect Authorization vulnerability in Drupal CivicTheme Design System allows Forceful Browsing.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...
CVE-2025-12083
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting XSS.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...
Drupal CivicTheme Design System 安全漏洞
Drupal CivicTheme Design System is a theme design plugin for the Drupal community. A security vulnerability exists in Drupal CivicTheme Design System versions prior to 1.12.0 that stems from improper authorization and could lead to a forced browsing attack...