492 matches found
CVE-2026-45368
Kirby CMS is affected in versions prior to 4.9.1 and 5.4.1 by an XSS in URL handling for several first‑party renderers that emit : the (link: …) KirbyTag, the link parameter of (image: …), the image block's link field, and the HTML importer for blocks. The underlying issue does not filter dangero...
Malicious code in express-mocha-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01d87351be0d9f68d73ec05867e55fe5712d4885fa76c70c5ec9b003ef512825 [email protected] declares a postinstall lifecycle hook that loads the package's main module, which calls fetch against an anonymous...
Malicious code in buildkite-test-collector-mocha-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37fbbae0cc3cfcba7b18566c1ab1f61417b1776206c3d0317956058c43ef61fa The package buildkite-test-collector-mocha-example was found to contain malicious code...
CVE-2020-36995
Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the user configuration input. Attackers can overwrite the 'User' field with 350 bytes of repeated characters to trigger an application crash and prevent normal...
CVE-2020-36995
Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the user configuration input. Attackers can overwrite the 'User' field with 350 bytes of repeated characters to trigger an application crash and prevent normal...
EUVD-2020-30914
Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the user configuration input. Attackers can overwrite the 'User' field with 350 bytes of repeated characters to trigger an application crash and prevent normal...
CVE-2020-36995 Mocha Telnet Lite for iOS 4.2 - 'User' Denial of Service
Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the user configuration input. Attackers can overwrite the 'User' field with 350 bytes of repeated characters to trigger an application crash and prevent normal...
CVE-2020-36995 Mocha Telnet Lite for iOS 4.2 - 'User' Denial of Service
Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the user configuration input. Attackers can overwrite the 'User' field with 350 bytes of repeated characters to trigger an application crash and prevent normal...
CVE-2020-36995
CVE-2020-36995 affects Mocha Telnet Lite for iOS 4.2. The vulnerability is a denial-of-service through user configuration input: an attacker can overwrite the 'User' field with 350 repeated characters to crash the app, leading to loss of normal functionality. The affected software/component is iO...
PT-2026-5273
Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the user configuration input. Attackers can overwrite the 'User' field with 350 bytes of repeated characters to trigger an application crash and prevent normal...
Mocha Telnet Lite security vulnerabilities
Mocha Telnet Lite is an open-source terminal emulation tool developed by Mocha. Version 4.2 of Mocha Telnet Lite contains a security vulnerability, which stems from improper handling of user configuration inputs, potentially leading to application crashes...
EUVD-2025-178107
Malicious code in library-biosignature-bionics-mocha npm...
EUVD-2025-180053
Malicious code in biosignature-install-mocha-vortex npm...
EUVD-2025-175851
Malicious code in uglify-js-gatsby-mocha-titan npm...
Malicious code in karma-cross-env-mocha-grus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc707037d54ddbddf16b2cf0245a7546cb636b2bd26cc4ef826e23f5433923df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-175603
Malicious code in webdriver-mocha-isostasy-arcturus-eslint-config npm...
EUVD-2025-176105
Malicious code in supernova-webdriver-mocha-centauri-vega npm...
EUVD-2025-176023
Malicious code in telesto-dotenv-safe-webdriver-mocha-jwt npm...
EUVD-2025-175601
Malicious code in webdriver-mocha-scripts-hadron-augmentedreality npm...
EUVD-2025-175388
Malicious code in zooarchaeology-mocha-markdown-neptunology npm...