Malicious code in dit-envv (npm)

dit-envv is a typosquatting package impersonating dotenv, the widely-used environment variable loader. The package bundles the legitimate dotenv source and documentation to appear functional while hiding a credential-theft payload in index1.js, executed at install time via the postinstall script...

CVE-2025-54306

An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. A remote code execution vulnerability exists in the network configuration functionality, stemming from insufficient input validation when processing network configuration parameters through administrative...

Malicious code in orderly-network-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec35c18a8349d3d2dd52575ffa769fa141be9d1c7b99b0a3e95d994af6acb495 The package orderly-network-config was found to contain malicious code. Source: ghsa-malware...

MAL-2025-49327 Malicious code in orderly-network-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec35c18a8349d3d2dd52575ffa769fa141be9d1c7b99b0a3e95d994af6acb495 The package orderly-network-config was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview orderly-network-config is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

EUVD-2025-37455

Malicious code in orderly-network-config npm...

CVE-2025-45843

TOTOLINK NR1800X V9.1.0u.6681B20230703 was discovered to contain an authenticated stack overflow via the ssid parameter in the setWiFiGuestCfg function...

TOTOLINK NR1800X 安全漏洞

TOTOLINK NR1800X is an outstanding 5G NR indoor Wi-Fi and SIP CPE from China's Gion Electronics TOTOLINK. The TOTOLINK NR1800X suffers from a buffer overflow vulnerability that stems from the ssid parameter in the setWiFiGuestCfg function failing to properly validate the length size of the input...

TOTOLINK NR1800X 安全漏洞

TOTOLINK NR1800X is an outstanding 5G NR indoor Wi-Fi and SIP CPE from China's Gion Electronics TOTOLINK. The TOTOLINK NR1800X suffers from a buffer overflow vulnerability that stems from the ssid5g parameter in the setWiFiEasyCfg function failing to properly validate the length size of the input...

CVE-2023-26802

An issue in the component /networkconfig/nsgmasq.cgi of DCN Digital China Networks DCBI-Netlog-LAB v1.0 allows attackers to bypass authentication and execute arbitrary commands via a crafted request...

CVE-2023-26802

An issue in the component /networkconfig/nsgmasq.cgi of DCN Digital China Networks DCBI-Netlog-LAB v1.0 allows attackers to bypass authentication and execute arbitrary commands via a crafted request...

SUSE CVE-2021-21212

Incorrect security UI in Network Config UI in Google Chrome on ChromeOS prior to 90.0.4430.72 allowed a remote attacker to potentially compromise WiFi connection security via a malicious WAP...

[SECURITY] Fedora 35 Update: golang-github-containerd-cni-1.1.6-1.fc35

A generic CNI library to provide APIs for CNI plugin interactions. The library provides APIs to: - Load CNI network config from different sources - Setup networks for container namespace - Remove networks from container namespace - Query status of CNI network plugin initialization...

[SECURITY] Fedora 36 Update: golang-github-containerd-cni-1.1.6-1.fc36

A generic CNI library to provide APIs for CNI plugin interactions. The library provides APIs to: - Load CNI network config from different sources - Setup networks for container namespace - Remove networks from container namespace - Query status of CNI network plugin initialization...

CVE-2017-20023 Solare Solar-Log Network Config privileges management

A vulnerability was found in Solare Solar-Log 2.8.4-56/3.5.2-85 and classified as critical. This issue affects some unknown processing of the component Network Config. The manipulation leads to privilege escalation. The attack may be initiated remotely. Upgrading to version 3.5.3-86 is able to...

CVE-2021-21212

Incorrect security UI in Network Config UI in Google Chrome on ChromeOS prior to 90.0.4430.72 allowed a remote attacker to potentially compromise WiFi connection security via a malicious WAP...

CVE-2021-21212

Incorrect security UI in Network Config UI in Google Chrome on ChromeOS prior to 90.0.4430.72 allowed a remote attacker to potentially compromise WiFi connection security via a malicious WAP...

Code injection

Incorrect security UI in Network Config UI in Google Chrome on ChromeOS prior to 90.0.4430.72 allowed a remote attacker to potentially compromise WiFi connection security via a malicious WAP...

CVE-2021-21212

Incorrect security UI in Network Config UI in Google Chrome on ChromeOS prior to 90.0.4430.72 allowed a remote attacker to potentially compromise WiFi connection security via a malicious WAP...

CVE-2021-21212

Incorrect security UI in Network Config UI in Google Chrome on ChromeOS prior to 90.0.4430.72 allowed a remote attacker to potentially compromise WiFi connection security via a malicious WAP...