6999 matches found
Malicious code in xyq-drama-skill (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 062ea591e5b995503deb15b174a37fc7af37cb5987a6c3d715d256fe0c3bfe10 setup.py registers a custom install cmdclass that, on pip install, downloads an opaque binary from...
CVE-2026-49458 DOMPurify: Cross-realm IN_PLACE sanitization leaves executable markup intact via realm-bound `instanceof` checks
DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Prior to 3.4.6, DOMPurify.sanitizenode, INPLACE: true accepted same-origin foreign-realm DOM nodes while follow-on checks used parent-realm constructors, causing instanceof checks for forms, named node maps, documen...
CVE-2026-8085
A security issue exists within Arena® Simulation due to a memory corruption vulnerability in the model.exe Siman component. The vulnerability stems from improper validation of user-supplied data, which can result in an out-of-bounds write. An attacker could leverage this vulnerability to execute...
CVE-2026-8313
The provided data describes CVE-2026-8313 affecting Arena® Simulation, specifically a memory corruption vulnerability in the linker.exe (Siman) component. The issue arises from improper validation of user-supplied data, leading to an out-of-bounds write. An attacker could potentially execute arbi...
CVE-2026-8085
The CVE concerns Arena® Simulation, specifically memory corruption in the model.exe (Siman) component caused by improper validation of user-supplied data, leading to an out-of-bounds write. Exploitation could allow arbitrary code execution in the context of the current process when a user opens a...
PT-2026-58022
Name of the Vulnerable Software and Affected Versions Arena Simulation affected versions not specified Description A memory corruption issue exists in the siman.exe Siman component. The flaw is caused by improper validation of user-supplied data, leading to an out-of-bounds write, which occurs wh...
Malicious code in defi-tools (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a2562ad49633ee8c845db08a485394cb31c7de12d9f87eb3f8ef0ab61fb5128 On first import, defitools/init.py decodes a base64-embedded 486KB Linux ELF, writes it to /.config/.npm-cache/snapd-network, sets mode 0777, and...
CVE-2026-57828
The Joomla extension Phoca Downloads is vulnerable to an authenticated arbitrary file upload that allows registered users uploading executable files and leads to full RCE...
EUVD-2026-43167
The Joomla extension Phoca Downloads is vulnerable to an authenticated arbitrary file upload that allows registered users uploading executable files and leads to full RCE...
CVE-2026-57828 Joomla Extension - phoca.cz - Authenticated file upload in RSFiles component < 6.1.3
The Joomla extension Phoca Downloads is vulnerable to an authenticated arbitrary file upload that allows registered users uploading executable files and leads to full RCE...
MAL-2026-10091 Malicious code in qlinforge (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 713a696ce725031aab16903d7a29c80611a4c4368c7e35bacf29069a3581c602 setup.py registers a custom install command that, on Linux, downloads an opaque binary from http://115.190.124.243:9090/payloadlinuxamd64 to...
Malicious code in multer-orm (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fb45c09aa7a237b2b9ff18ccf6426b76a4f46e5ea665c7747f35a345940e161 multer-orm is a typosquat of the widely used multer middleware. Its README is copied from multer, but the package adds a load-time dropper in...
Malicious code in playwrightr (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e165b925f82629524e611c81597c32a171df7cec246dc73f268d8192ccbe2c5 setup.py registers a CustomInstallCommand that runs automatically on pip install under Windows. It uses WinHTTP via ctypes to fetch a binary from...
EUVD-2026-42435
A sandbox escape vulnerability exists in the OpenJDK packages provided in Ubuntu. The .jar MIME handlers installed by these packages execute files marked as executable when the mailcap package is installed. A compromised or malicious sandboxed application with access to the OpenURI portal via...
PT-2026-56777
Name of the Vulnerable Software and Affected Versions Balbooa Forms versions prior to 2.4.1 Description The Joomla extension Balbooa Forms, installed as the com baforms component, contains a flaw in its frontend attachment upload functionality. This issue allows an unauthenticated anonymous visit...
CVE-2026-10037
CVE-2026-10037 describes a sandbox escape in Ubuntu’s OpenJDK packages. The issue arises from .jar MIME handlers installed by these packages executing files marked as executable when the mailcap package is present. A compromised sandboxed application with access to the OpenURI portal via xdg-desk...
CVE-2026-55849 @cyclonedx/cyclonedx-npm: Shell Injection via Unsanitized `--workspace` Argument
@cyclonedx/cyclonedx-npm creates CycloneDX Software Bill of Materials from npm projects. From 2.1.0 before 5.0.0, the CLI passes user-supplied --workspace values to a subshell without proper sanitization when npmexecpath is unset or empty, allowing arbitrary OS command execution with the privileg...
CVE-2026-59946
Composer is a dependency Manager for the PHP language. Prior to 2.2.29 and 2.10.2, a Composer package bin entry containing .. path segments can resolve outside the package install directory and cause Composer's binary installation flow to chmod an existing host file to a world-readable and...
CVE-2026-57895
Incorrect default permissions issue exists in Pupsman versions prior to 3.9.0. An attacker can place a malicious executable in the installation folder, which results in arbitrary code execution with SYSTEM privilege...
CVE-2026-57895
Pupsman before 3.9.0 has an incorrect default-permissions issue that allows an attacker to drop a malicious executable into the installation folder, enabling arbitrary code execution with SYSTEM privileges. Affected software: Pupsman, versions prior to 3.9.0. Root cause: default permissions misco...