Lucene search
K

1340 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2024/07/17 3:39 p.m.3 views

Malicious code in noblox.ts-core (npm)

This package is considered malicious because it contains a heavily obfuscated postinstall.js script with multiple stages of payload execution, resulting in the delivery of QuasarRAT. This allows command and control by a malicious actor. --- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/07/12 3:9 p.m.4 views

Malicious code in discord-api-ts (npm)

This package is considered malicious because it contains a heavily obfuscated postinstall.js script with multiple stages of payload execution, resulting in the delivery of QuasarRAT. This allows command and control by a malicious actor. --- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/07/12 3:2 p.m.6 views

Malicious code in noblox-cores-ts (npm)

This package is considered malicious because it contains a heavily obfuscated postinstall.js script with multiple stages of payload execution, resulting in the delivery of QuasarRAT. This allows command and control by a malicious actor. --- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/07/11 7:8 a.m.6 views

Malicious code in noblox-core-ts (npm)

This package is considered malicious because it contains a heavily obfuscated postinstall.js script with multiple stages of payload execution, resulting in the delivery of QuasarRAT. This allows command and control by a malicious actor...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/07/09 12:8 a.m.4 views

Malicious code in noblox-ts (npm)

This package is considered malicious because it contains a heavily obfuscated postinstall.js script with multiple stages of payload execution, resulting in the delivery of QuasarRAT. This allows command and control by a malicious actor. --- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.20 views

RHEL 6 : dovecot (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dovecot: Buffer overflow in indexer-worker process results in privilege escalation CVE-2019-7524 - A...

3.3CVSS5.8AI score0.02462EPSS
Exploits2References3
NVD
NVD
added 2024/03/14 7:15 p.m.14 views

CVE-2024-27301

Support App is an opensource application specialized in managing Apple devices. It's possible to abuse a vulnerability inside the postinstall installer script to make the installer execute arbitrary code as root. The cause of the vulnerability is the fact that the shebang !/bin/zsh is being used...

7.3CVSS7.3AI score0.00321EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/03/14 6:37 p.m.20 views

CVE-2024-27301 Privilege Escalation Abusing installer in SupportApp

Support App is an opensource application specialized in managing Apple devices. It's possible to abuse a vulnerability inside the postinstall installer script to make the installer execute arbitrary code as root. The cause of the vulnerability is the fact that the shebang !/bin/zsh is being used...

7.3CVSS7.9AI score0.00321EPSS
Exploits1References2
OSV
OSV
added 2024/03/14 6:37 p.m.24 views

CVE-2024-27301 Privilege Escalation Abusing installer in SupportApp

Support App is an opensource application specialized in managing Apple devices. It's possible to abuse a vulnerability inside the postinstall installer script to make the installer execute arbitrary code as root. The cause of the vulnerability is the fact that the shebang !/bin/zsh is being used...

7.3CVSS7.7AI score0.00321EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/03/14 12:0 a.m.6 views

PT-2024-21805

Name of the Vulnerable Software and Affected Versions Support App versions prior to 2.5.1 Rev 2 Description The issue is related to the postinstall installer script, which can be abused to execute arbitrary code as root due to the use of the shebang !/bin/zsh. When the installer is executed, it...

7.3CVSS7.6AI score0.00321EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:2 a.m.3 views

SUSE CVE-2016-4983

A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files...

3.3CVSS6.5AI score0.00395EPSS
Exploits1References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/01/24 10:21 p.m.4 views

Malicious code in testing-postinstall (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 92117c1864ea6df0bfd00f9d5f2f45cd011b75117f4ba545096788dcc75c0a57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2023/01/24 10:21 p.m.6 views

MAL-2023-856 Malicious code in testing-postinstall (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 92117c1864ea6df0bfd00f9d5f2f45cd011b75117f4ba545096788dcc75c0a57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
CNNVD
CNNVD
added 2022/09/20 12:0 a.m.3 views

Gentoo 安全漏洞

Gentoo is an open source Linux system from the Gentoo Foundation. A security vulnerability exists in Gentoo logcheck-1.3.23.ebuild and earlier versions, which originates from an attacker being able to perform a root privilege elevation via "chown -R" in pkgpostinst...

9.8CVSS8.2AI score0.00904EPSS
Exploits1References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/07/21 11:10 a.m.1 views

Malicious code in postinstall-dummy (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 652042e2c25b6583777de6cdf0e4beeaaa9bb3e1a1114ca94840dae3e7a4715d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/07/21 11:10 a.m.4 views

MAL-2022-5429 Malicious code in postinstall-dummy (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 652042e2c25b6583777de6cdf0e4beeaaa9bb3e1a1114ca94840dae3e7a4715d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/06/30 12:0 a.m.4 views

PT-2022-18679 · Automox · Automox Agent For Macos

Name of the Vulnerable Software and Affected Versions: Automox Agent for macOS versions prior to 39 Automox Agent for macOS versions prior to 37 Description: The issue is related to a time-of-check/time-of-use TOCTOU race-condition attack that can occur during the agent install process. It also...

7CVSS6.6AI score0.00165EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/06/30 12:0 a.m.2 views

Automox Alive Automox Agent 安全漏洞

Automox is a cloud-based tool from US-based Automox Inc. It can fully automate the patch repair process in Windows, macOS, Linux and third-party software including Adobe, Firefox, Chrome and Windows. A security vulnerability exists in Automox Alive Automox Agent that originates from allowing an...

7CVSS7AI score0.00165EPSS
Exploits0References4
OSV
OSV
added 2022/05/11 12:25 a.m.5 views

USN-5259-3 cron regression

USN-5259-1 and USN-5259-2 fixed vulnerabilities in Cron. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the postinst maintainer script in Cron unsafely...

6.9CVSS6.7AI score0.00551EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/05/20 12:0 a.m.30 views

Solaris 10 (sparc) : 119783-47

Vulnerability in the Solaris component of Oracle Sun Products Suite subcomponent: Bind/Postinstall script for Bind package. The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component o...

6CVSS6.3AI score0.1309EPSS
Exploits1References4
Rows per page
Query Builder