Lucene search
K

11 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/26 2:18 a.m.9 views

Malicious code in mongoose-json-format (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 910cc6eef707ac872daeb3a527e6dd9c75044ebb178f9eb48745f5cfd4123968 helpers.js defines a createLog helper that base64-decodes a constant HASHKEY to https://www.jsonkeeper.com/b/XVHGD an anonymous JSON-paste host and...

6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 10:20 p.m.8 views

Malicious code in ssr-auth-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fe43338279cb894ffacc18ef9ec757d4b4fa8b603672b0bedcb4c00d9f8a806 On require'ssr-auth-sync', index.js loads lib/writer.js, which immediately fetches a base64-hidden URL https://www.jsonkeeper.com/b/PJNZP, an anonymo...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/06/13 3:3 a.m.13 views

MAL-2026-5727 Malicious code in vite-config-optimizer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f824c077d7d2705d17dc29eba9a24ea8b51b93785bcf83fdfe639fc8f9bc581f package.json declares a postinstall hook node -e "require'./loader.js'" that auto-executes on every npm install. loader.js spawns a detached child No...

5.6AI score
Exploits0References1
OSV
OSV
added 2026/06/11 4:49 a.m.11 views

MAL-2026-5569 Malicious code in js-crypto-promise (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9d677e45bee46911d04564e9260f4b569119a4ca0a13a58bcd43760359fbb4f The package's prepinstall.js script base64-decodes a hidden URL stored in a constant misleadingly named HASHKEY decoding to...

6.3AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/16 2:51 p.m.6 views

CVE-2025-59483

A validation vulnerability exists in an undisclosed URL in the Configuration utility. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.5CVSS6.9AI score0.00348EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-33306

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00444EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2025/01/30 12:33 p.m.9 views

Lightning AI Studio Vulnerability Could've Allowed RCE via Hidden URL Parameter

Cybersecurity researchers have disclosed a critical security flaw in the Lightning AI Studio development platform that, if successfully exploited, could have allowed for remote code execution. The vulnerability, rated a CVSS score of 9.4, enables "attackers to potentially execute arbitrary comman...

8.1AI score
Exploits0
Prion
Prion
added 2023/12/12 1:15 a.m.14 views

Cross site scripting

An unauthenticated attacker can embed a hidden access to a Biller Direct URL in a frame which, when loaded by the user, will submit a cross-site scripting request to the Biller Direct system. This can result in the disclosure or modification of non-sensitive information...

5.8CVSS6.5AI score0.00446EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/04/19 12:0 a.m.35 views

Cisco Wireless LAN Controller Multiple DoS

According to its self-reported version, the Cisco Wireless LAN Controller WLC software running on the remote device is affected by multiple denial of service vulnerabilities : - A denial of service vulnerability exists in the RADIUS Change of Authorization CoA request processing due to improper...

7.8CVSS6.2AI score0.03246EPSS
Exploits0References6
OSV
OSV
added 2017/04/06 6:59 p.m.4 views

CVE-2017-3832

A vulnerability in the web management interface of Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to a missing internal handler for the specific request. An...

7.5CVSS5.8AI score0.03246EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2013/08/06 3:9 a.m.45 views

HP LaserJet Pro Printers remotely exploitable to gain unauthorized access to Wi-Fi and Printer Data

Do you own an HP printer? If so, it may be vulnerable to Hackers. Multiple HP LaserJet Pro Printers are printer vulnerable to hackers according to a new advisory posted by the vendor, dubbed as CVE-2013-4807 SSRT101181. Researcher 'Micha Sajdak' of Securitum.pl have found a security hole HP...

7.8CVSS0.4AI score0.04046EPSS
Exploits0
Rows per page
Query Builder