60 matches found
Malicious code in loom-plugin-babel (npm)
The package loom-plugin-babel was found to contain malicious code...
Malicious code in loom-plugin-eslint (npm)
The package loom-plugin-eslint was found to contain malicious code...
Malicious code in loom-plugin-rollup (npm)
The package loom-plugin-rollup was found to contain malicious code...
Malicious code in loom-plugin-postcss (npm)
The package loom-plugin-postcss was found to contain malicious code...
Malicious code in loom-plugin-build-library (npm)
The package loom-plugin-build-library was found to contain malicious code...
MAL-2025-25578 Malicious code in loom-plugin-package-build (npm)
The package loom-plugin-package-build was found to contain malicious code...
MAL-2025-25574 Malicious code in loom-plugin-build-library (npm)
The package loom-plugin-build-library was found to contain malicious code...
MAL-2025-25576 Malicious code in loom-plugin-eslint (npm)
The package loom-plugin-eslint was found to contain malicious code...
MAL-2025-25579 Malicious code in loom-plugin-postcss (npm)
The package loom-plugin-postcss was found to contain malicious code...
MAL-2025-25580 Malicious code in loom-plugin-prettier (npm)
The package loom-plugin-prettier was found to contain malicious code...
CVE-2024-23742
An issue in Loom on macOS version 0.196.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. NOTE: the vendor disputes this because it requires local access to a victim's machine...
CVE-2019-14432
Incorrect authentication of application WebSocket connections in Loom Desktop for Mac up to 0.16.0 allows remote code execution from either malicious JavaScript in a browser or hosts on the same network, during periods in which a user is recording a video with the application. The same attack...
dagster-dbt (>=0.21.7 <=0.21.12), dbt-docs-mcp (=0.0.1) +4 more potentially affected by CVE-2024-36105 via dbt-core (>=1.8.0 <=1.8.0rc2)
dbt-core PYPI version =1.8.0, =0.21.7, =0.5.3, =1.12.1rc1, =1.14.0b6 Source cves: CVE-2024-36105 Source advisory: OSV:GHSA-PMRX-695R-4349...
dagster-dbt (>=0.19.3 <=0.20.4), dagster-ext (>=0.0.1a11 <=0.1.0) +8 more potentially affected by unknown CVE via dbt-core (>=1.6.0 <=1.6.12)
dbt-core PYPI version =1.6.0, =0.19.3, =0.0.1a11, =1.6.0b1, =0.1.0, =0.0.1, =1.6.0, =1.3.0, =1.6.0, =0.200.0.dev5, =0.200.0.dev14 Source cves: unknown CVE Source advisory: OSV:GHSA-P72Q-H37J-3HQ7...
CVE-2024-23742
An issue in Loom on macOS version 0.196.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. NOTE: the vendor disputes this because it requires local access to a victim's machine...
CVE-2024-23742
An issue in Loom on macOS version 0.196.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. NOTE: the vendor disputes this because it requires local access to a victim's machine...
Code injection
An issue in Loom on macOS version 0.196.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. NOTE: the vendor disputes this because it requires local access to a victim's machine...
CVE-2024-23742
CVE-2024-23742 affects Loom on macOS 0.196.1 and earlier. The issue enables arbitrary code execution via the RunAsNode and enableNodeClilnspectArguments settings; the vendor contends exploitation requires local access. Connected sources (Red Hat, NVD, CNNVD, CVE listings, PT Security) corroborate...
Loom Security Vulnerabilities
Loom is a free screen recorder for Mac from Loom. A security vulnerability previously existed in Loom version 0.196.1, which stemmed from arbitrary code execution via the RunAsNode and enableNodeClilnspectArguments settings...
CVE-2024-23742
An issue in Loom on macOS version 0.196.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. NOTE: the vendor disputes this because it requires local access to a victim's machine...