850 matches found
Malicious code in @antv/geo-coord (npm)
Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...
MAL-2026-3999 Malicious code in @antv/geo-coord (npm)
Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...
@antv/l7-editor (>=1.1.0 <=1.1.13), @antv/li-aiearth-assets (>=0.0.1 <=0.4.7) +2 more potentially affected by unknown CVE via @antv/sam (>=0.0.1 <=0.1.0)
@antv/sam NPM version =0.0.1, =1.1.0, =0.0.1, =0.1.1, =0.1.3 - @tommy2gis/geo-editor =1.1.9 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVSAM-16754425...
WordPress MapGeo – Interactive Geo Maps plugin <= 1.6.27 - Interactive Geo Maps <= 1.6.27 - Reflected Cross-Site Scripting vulnerability
Interactive Geo Maps plugin = 1.6.27 - Interactive Geo Maps = 1.6.27 - Reflected Cross-Site Scripting vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Interactive Geo Maps versions = 1.6.27...
Exploit for CVE-2026-4060
CVE-2026-4060 — Geo Mashup ≤ 1.13.18 Unauthenticated SQL Injec...
CVE-2025-43992
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...
MAL-2026-3445 Malicious code in @squawk/geo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b40cdbd9c6b1d4f4cfb2769aa09dc2a6c1375426de1eaa166de681740f556cd4 The package @squawk/geo was found to contain malicious code. Source: ghsa-malware ff0e460885b141aab0b22a38b446936439b76287160c78aaad30d7ad4ab22ed9 An...
Malicious code in @squawk/geo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b40cdbd9c6b1d4f4cfb2769aa09dc2a6c1375426de1eaa166de681740f556cd4 The package @squawk/geo was found to contain malicious code. Source: ghsa-malware ff0e460885b141aab0b22a38b446936439b76287160c78aaad30d7ad4ab22ed9 An...
@squawk/airports (>=0.3.1 <=0.6.1), @squawk/airspace (>=0.2.3 <=0.8.0) +4 more potentially affected by unknown CVE via @squawk/geo (>=0.2.1 <=0.4.3)
@squawk/geo NPM version =0.2.1, =0.3.1, =0.2.3, =0.1.3, =0.3.1, =0.2.0, =0.2.3, =0.4.1 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKGEO-16640893...
@squawk/airport-data (>=0.2.0 <=0.7.9), @squawk/airports (>=0.2.0 <=0.6.1) +16 more potentially affected by unknown CVE via @squawk/types (>=0.3.1 <=0.8.0)
@squawk/types NPM version =0.3.1, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.3.5 and more Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKTYPES-16640890...
EUVD-2025-209757
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...
CVE-2025-43992
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...
CVE-2025-43992
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...
CVE-2025-43992
CVE-2025-43992 affects Dell EMC: Dell ECS versions 3.8.1.0–3.8.1.7 and Dell ObjectScale versions before 4.3.0.0. The issue is an authentication bypass via assumed-immutable data in Geo replication, allowing an unauthenticated attacker with remote access to potentially access data in transit. The ...
CVE-2025-43992
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...
CVE-2025-43992
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...
Dell ECS 安全漏洞
Dell ECS is an enterprise-level object storage solution from the American company Dell. Versions 3.8.1.0 to 3.8.1.7 of Dell ECS, as well as versions prior to 4.3.0.0 of Dell ObjectScale, have security vulnerabilities. These vulnerabilities stem from a certification bypass in Geo replication, whic...
PT-2026-39582
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...
WordPress Geo Mashup plugin <= 1.13.19 - Authenticated (Subscriber+) SQL Injection vulnerability
Authenticated Subscriber+ SQL Injection vulnerability discovered by Leonid Semenenko lsemenenko in WordPress Plugin Geo Mashup versions = 1.13.19...
WordPress Geo Mashup plugin <= 1.13.18 - Unauthenticated Time-Based SQL Injection vulnerability
Unauthenticated Time-Based SQL Injection vulnerability discovered by Naoya Takahashi nakko in WordPress Plugin Geo Mashup versions = 1.13.18...