Malicious Package
kraken-api is a malicious package. It contains malicious code in its post-install script which attempts to call home to a Command and Control server to execute arbitrary commands...
Malicious Package
Overview The package donotinstallthis contained malicious code. The package contained a script that was run as part of the install script. The script contacted a remote service tracking how many installations were done. There is no further compromise. Recommendation Remove the package from your...
CVE-2018-12556
The signature verification routine in install.sh in yarnpkg/website through 2018-06-05 only verifies that the yarn release is signed by any arbitrary key in the local keyring of the user, and does not pin the signature to the yarn release key, which allows remote attackers to sign tampered yarn...
CVE-2019-7692
install/install.php in CIM 0.9.3 allows remote attackers to execute arbitrary PHP code via a crafted prefix value because of configuration file mishandling in the N=83 case, as demonstrated by a call to the PHP fputs function that creates a .php file in the public folder...
Malicious Package
Overview All versions of commander-js are considered malicious. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed, the package downloads an arbitrary file and executes its contents as a post-install script...
MiniCMS Arbitrary PHP Code Execution Vulnerability
MiniCMS is a micro content management system designed for personal websites. An arbitrary PHP code execution vulnerability exists in MiniCMS 1.10. An attacker can exploit this vulnerability to execute arbitrary PHP code via the install.php sitename parameter...
CVE-2018-17034
UCMS 1.4.6 has XSS via the install/index.php mysqldbname parameter...
Code injection
The install-chef-suse.sh script shipped with crowbar before 2012-10-02 creates files containing confidential data with insecure permissions, allowing local users to read confidential data...
CVE-2012-0433
CVE-2012-0433 affects the crowbar project's script install-chef-suse.sh, shipped before 2012-10-02. The script creates files that contain confidential data with insecure permissions, enabling local users to read that data. This is confirmed by multiple sources (SUSE CVE entry, NVD/CVE records, C...
DefectDojo - Application Vulnerability Correlation And Security Orchestration Application
DefectDojo is a security program and vulnerability management tool. DefectDojo allows you to manage your application security program, maintain product and application information, schedule scans, triage vulnerabilities and push findings into defect trackers. Consolidate your findings into one...
CVE-2018-10570
Frog CMS 0.9.5 has XSS in /install/index.php via the 'config''adminusername' field...
A vulnerability in the install/index.php script of the Exponent CMS system allows an attacker to execute arbitrary code.
The vulnerability of the Exponent CMS content management system is related to improper handling of code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the sc parameter in the install/index.php script...
CVE-2015-0296
The pre-install script in texlive 3.1.20140525r34255.fc21 as packaged in Fedora 21 and rpm, and texlive 6.20131226r32488.fc20 and rpm allows local users to delete arbitrary files via a crafted file in the user's home directory...
CVE-2015-0296
The CVE-2015-0296 entry concerns the TeX Live package scripts. The pre-install script in texlive 3.1.20140525_r34255.fc21 (Fedora 21) and texlive 6.20131226_r32488.fc20 (and related RPMs) allows an unprivileged local user to delete arbitrary files by placing a crafted file in the user’s home dire...
Portable Virtual Private Network: goSecure
Portable Virtual Private Network goSecure is an easy to use and portable Virtual Private Network (VPN) solution. The system consists of a single server and one or many clients. strongSwan is used to establish a Suite B IPsec tunnel with pre-shared keys between the server and clients. The core crypt...
Remote Command Execution Vulnerability in Next-Generation Firewall System of SinoCom-ArtM
The InforCube Next-Generation Firewall (NFW) is a comprehensive security gateway solution. A remote command execution vulnerability exists in the InforCube Next-Generation Firewall system. The vulnerability allows an attacker to write PHP code into a file by modifying the install.php post...
glusterfs: glusterfs-server %pretrans rpm script temporary file issue
It was found that the glusterfs-server RPM package would write a file with a predictable name into the world-readable /tmp directory. A local attacker could potentially use this flaw to escalate their privileges to root by modifying the shell script during the installation of the glusterfs-server package...
Teradata Studio Express Elevation of Privilege Vulnerability
Teradata Studio Express is a suite of information mining tools from Teradata that retrieve data from Teradata and Aster database systems and support the manipulation and storage of data on the desktop. An elevation of privilege vulnerability exists in the installation script in Teradata...