143 matches found
EUVD-2024-0797
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2017-9274
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific...
Malicious code in @zalastax/nolb-packager (npm)
The package @zalastax/nolb-packager was found to contain malicious code...
MAL-2025-12917 Malicious code in @zalastax/nolb-packager (npm)
The package @zalastax/nolb-packager was found to contain malicious code...
org.glassfish.main.distributions:glassfish (>=4.0 <=4.0-b90), org.glassfish.main.distributions:web (>=4.0 <=4.0-b90) +4 more potentially affected by CVE-2024-10032 via org.glassfish.main.admingui:console-cluster-plugin (>=4.0 <=7.0.25)
org.glassfish.main.admingui:console-cluster-plugin MAVEN version =4.0, =4.0, =4.0, =6.2.5, =4.1, =4.1, =4.0, =5.0 Source cves: CVE-2024-10032 Source advisory: OSV:GHSA-62G9-99M7-W8WV...
CVE-2023-30759
The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to detect its modification and may spawn an unexpected process with the administrative privilege. If a non-administrative user modifies the driver installation package and runs it on the target PC, an...
Malicious code in timify-packager (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 440654aa8c74a2e41a533db2f19a6979cd5863485d40295a5d007fec08638c6d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2015 Malicious code in timify-packager (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 440654aa8c74a2e41a533db2f19a6979cd5863485d40295a5d007fec08638c6d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-29900
Electron Packager bundles Electron-based application source code with a renamed Electron executable and supporting files into folders ready for distribution. A random segment of 1-10kb of Node.js heap memory allocated either side of a known buffer will be leaked into the final executable. This...
Malicious code in clean-packager (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 262c927312d80c4f09dc74bcc93a7036c67a0e3c831d802ce8cbebc21b37e4b5 During installation, the package collects quite extensive information about the host and has no other purpose. To avoid detection, the real code is put in a ZI...
MAL-2025-907 Malicious code in clean-packager (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 262c927312d80c4f09dc74bcc93a7036c67a0e3c831d802ce8cbebc21b37e4b5 During installation, the package collects quite extensive information about the host and has no other purpose. To avoid detection, the real code is put in a ZI...
Malicious code in grunt-frontend-packager (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-2441 Malicious code in grunt-frontend-packager (npm)
--- -= Per source details. Do not edit below this line.=-...
GHSA-34H3-8MW4-QW57 @electron/packager's build process memory potentially leaked into final executable
Impact A random segment of 1-10kb of Node.js heap memory allocated either side of a known buffer will be leaked into the final executable. This memory could contain sensitive information such as environment variables, secrets files, etc. Patches This issue is patched in 18.3.1 Workarounds No...
CVE-2024-29900
Electron Packager bundles Electron-based application source code with a renamed Electron executable and supporting files into folders ready for distribution. A random segment of 1-10kb of Node.js heap memory allocated either side of a known buffer will be leaked into the final executable. This...
CVE-2024-29900 @electron/packager's build process memory potentially leaked into final executable
Electron Packager bundles Electron-based application source code with a renamed Electron executable and supporting files into folders ready for distribution. A random segment of 1-10kb of Node.js heap memory allocated either side of a known buffer will be leaked into the final executable. This...
CVE-2024-29900 @electron/packager's build process memory potentially leaked into final executable
Electron Packager bundles Electron-based application source code with a renamed Electron executable and supporting files into folders ready for distribution. A random segment of 1-10kb of Node.js heap memory allocated either side of a known buffer will be leaked into the final executable. This...
CVE-2024-29900 @electron/packager's build process memory potentially leaked into final executable
Electron Packager bundles Electron-based application source code with a renamed Electron executable and supporting files into folders ready for distribution. A random segment of 1-10kb of Node.js heap memory allocated either side of a known buffer will be leaked into the final executable. This...
CVE-2024-29900
The CVE-2024-29900 entry concerns the Electron Packager project. Affected component: the bundling/packaging process used to create distributable Electron apps, specifically within @electron/packager. Root cause: a memory leak where a random segment of ~1–10 kB of Node.js heap memory allocated on ...
Electron Packager 安全漏洞
Electron is a personal developer of a user to write cross-platform desktop application JavaScript framework. The framework is based on nodejs and Chromium and enables the writing of cross-platform desktop applications using HTML and CSS. A security vulnerability exists in Electron Packager versio...