EUVD-2026-3712

Malicious code in jquery-ajaxchimp npm...

Malicious code in jquery-ajaxchimp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a460673be9b990e588584788a155a2341ce31fabf8d07d3d0e1b9dda16bb299 The package jquery-ajaxchimp was found to contain malicious code. Source: ghsa-malware 4075366a7f1f1cb9f88b4b4c300e0e79757fea87b01c85fbab708f9be098cf...

MiracleLinux 9 : tbb-2020.3-8.el9_5.1 (AXSA:2025-9628:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9628:01 advisory. jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 Tenable has extracted the preceding description block...

MiracleLinux 7 : ipa-4.6.8-5.4.0.1.el7.AXS7 (AXSA:2021-1615:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1615:01 advisory. jquery: Passing HTML containing elements to manipulation methods could result in untrusted code execution CVE-2020-11023 Tenable has extracted the preceding...

MiracleLinux 8 : idm:client (AXSA:2021-1594:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1594:01 advisory. js-jquery: Cross-site scripting via cross-domain ajax requests CVE-2015-9251 bootstrap: XSS in the data-target attribute CVE-2016-10735 bootstrap:...

MiracleLinux 8 : idm:DL1 (AXSA:2021-2291:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2291:01 advisory. jquery: Passing HTML containing elements to manipulation methods could result in untrusted code execution CVE-2020-11023 Tenable has extracted the preceding...

MiracleLinux 8 : pki-deps:10.6 (AXSA:2021-1599:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1599:01 advisory. jquery: Cross-site scripting via cross-domain ajax requests CVE-2015-9251 bootstrap: XSS in the data-target attribute CVE-2016-10735 bootstrap:...

MiracleLinux 8 : idm:DL1 (AXSA:2021-1595:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1595:01 advisory. js-jquery: Cross-site scripting via cross-domain ajax requests CVE-2015-9251 bootstrap: XSS in the data-target attribute CVE-2016-10735 bootstrap:...

MiracleLinux 7 : ipa-4.6.8-5.0.3.el7.AXS7 (AXSA:2020-776:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-776:03 advisory. js-jquery: Cross-site scripting via cross-domain ajax requests CVE-2015-9251 bootstrap: XSS in the data-target attribute CVE-2016-10735 bootstrap:...

MiracleLinux 8 : idm:client (AXSA:2021-2292:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2292:01 advisory. jquery: Passing HTML containing elements to manipulation methods could result in untrusted code execution CVE-2020-11023 Tenable has extracted the preceding...

MiracleLinux 8 : pki-core:10.6 (AXSA:2021-1597:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1597:01 advisory. jquery: Cross-site scripting via cross-domain ajax requests CVE-2015-9251 bootstrap: XSS in the data-target attribute CVE-2016-10735 bootstrap:...

MiracleLinux 7 : pcs-0.9.169-3.el7.3 (AXSA:2022-4104:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4104:06 advisory. rubygem-rack: crafted requests can cause shell escape sequences CVE-2022-30123 jquery: Prototype pollution in object's prototype leading to denial o...

MiracleLinux 4 : ipa-3.0.0-47.0.1.AXS4 (AXSA:2015-419:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-419:01 advisory. IPA is an integrated solution to provide centrally managed Identity machine, user, virtual machines, groups, authentication credentials, Policy...

MiracleLinux 8 : gcc-8.5.0-23.el8_10.ML.1 (AXSA:2025-9683:07)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9683:07 advisory. jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 Tenable has extracted the preceding description block...

MiracleLinux 7 : gcc-4.8.5-44.0.1.el7.AXS7 (AXSA:2025-9920:15)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9920:15 advisory. CVE-2020-11023: sanitize HTML content passed to DOM manipulation methods to prevent execution of untrusted code CVEs: CVE-2020-11023 In jQuery versions great...

com.amazonaws.serverless:aws-serverless-java-container-struts (=1.9), com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (=5.0.0) +50 more potentially affected by CVE-2025-68493 via org.apache.struts:struts2-core (>=6.0.0 <=6.0.3)

org.apache.struts:struts2-core MAVEN version =6.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =1.4.0, =1.4.1, =1.4.0, =1.4.2 and more Source cves: CVE-2025-68493 Source advisory: OSV:GHSA-QCFC-HMRC-59X7https://vulners.co...

CVE-2022-31147

The jQuery Validation Plugin jquery-validation provides drop-in validation for forms. Versions of jquery-validation prior to 1.19.5 are vulnerable to regular expression denial of service ReDoS when an attacker is able to supply arbitrary input to the url2 method. This is due to an incomplete fix...

HP LaserJet Printers Improper Neutralization of Input During Web Page Generation (CVE-2021-41182)

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...

HP LaserJet Printers Improper Neutralization of Input During Web Page Generation (CVE-2021-41184)

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...

HP LaserJet Printers Improper Neutralization of Input During Web Page Generation (CVE-2021-41183)

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...