Lucene search

9 matches found

OSV
added 2025/06/10 6:36 a.m. · 4 views

MAL-2025-4791 Malicious code in @react-native-aria/toggle (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 97ba08618fb93f76ae71922e2a9212ad64a743b1bff038fb70c33753273cb245 React Native ARIA and @gluestack-ui/utils had unauthorized new versions published that contained malicious code via a public access token...

AI score: 7.5
Exploits: 0 · References: 2
OSV
added 2025/06/10 6:36 a.m. · 4 views

MAL-2025-4776 Malicious code in @gluestack-ui/utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 17982e09dcf1a69caf714afad49b310371d80fe7260bf21fcad08da2a07df00c React Native ARIA and @gluestack-ui/utils had unauthorized new versions published that contained malicious code via a public access token...

AI score: 7.5
Exploits: 0 · References: 2
OSV
added 2025/06/10 6:36 a.m. · 2 views

MAL-2025-4784 Malicious code in @react-native-aria/menu (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 8890be818fee58f3ddcfc7238753e75234d4f0d165160e786b299d128172ff69 React Native ARIA and @gluestack-ui/utils had unauthorized new versions published that contained malicious code via a public access token...

AI score: 7.5
Exploits: 0 · References: 2
OSV
added 2025/06/10 6:36 a.m. · 3 views

MAL-2025-4785 Malicious code in @react-native-aria/overlays (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security b750f7d8494a011a02c4c74b8b68b56f54c51cb02b85cf9728c80cb1eef574e1 React Native ARIA and @gluestack-ui/utils had unauthorized new versions published that contained malicious code via a public access token...

AI score: 7.5
Exploits: 0 · References: 2
OSV
added 2025/06/10 6:36 a.m. · 9 views

MAL-2025-4792 Malicious code in @react-native-aria/utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 86110b8ddeafc0fbfe05bcb49e82cc1047aca664d73928c3c12bac00f4ab4e7d React Native ARIA and @gluestack-ui/utils had unauthorized new versions published that contained malicious code via a public access token...

AI score: 7.5
Exploits: 0 · References: 2
OSV
added 2025/06/10 6:36 a.m. · 3 views

MAL-2025-4779 Malicious code in @react-native-aria/combobox (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 1ac997eb7889bb6aa988bf49e9beb198eb49629764c6fff1ac19cd4e8118b600 React Native ARIA and @gluestack-ui/utils had unauthorized new versions published that contained malicious code via a public access token...

AI score: 7.5
Exploits: 0 · References: 2
Prion
added 2024/03/13 9:16 p.m. · 23 views

Sql injection

yourspotify is an open source, self hosted Spotify tracking dashboard. YourSpotify version 1.8.0 is vulnerable to NoSQL injection in the public access token processing logic. Attackers can fully bypass the public token authentication mechanism, regardless if a public token has been generated befo...

CVSS: 5 · AI score: 7.5 · EPSS: 0.00603
Exploits: 1 · References: 1
OSV
added 2024/03/13 8:15 p.m. · 4 views

CVE-2024-28192 NoSQL Injection Leading to Authentication Bypass in your_spotify

yourspotify is an open source, self hosted Spotify tracking dashboard. YourSpotify version 1.8.0 is vulnerable to NoSQL injection in the public access token processing logic. Attackers can fully bypass the public token authentication mechanism, regardless if a public token has been generated befo...

CVSS: 5.3 · AI score: 5.9 · EPSS: 0.00603
Exploits: 1 · References: 3
Positive Technologies
added 2024/03/13 12:0 a.m. · 4 views

PT-2024-22326 · Unknown · Yourspotify

Name of the Vulnerable Software and Affected Versions: YourSpotify versions prior to 1.8.0 Description: The issue concerns a NoSQL injection vulnerability in the public access token processing logic. This allows attackers to bypass the public token authentication mechanism without user interactio...

CVSS: 5.3 · AI score: 7.7 · EPSS: 0.00603
Exploits: 1 · References: 5